Almost every business has a cyber liability exposure, and most businesses are securing some form of coverage to protect them from these types of threats. A recent report by a leading insurance firm said that purchases of cyber insurance grew over 30% in the last year. Did you know that an average business has a greater chance of having a cyber breach than it does of having a fire? It is true, and your basic business insurance policy most likely will not cover cyber liability losses.
It has become clear that even a good information technology (IT) department cannot solve or prevent all cyber risks.
Every business should have a cyber preparedness plan that includes effective security, managed backup, and cyber liability insurance. Forty-eight states have enacted legislation that requires businesses to notify individuals of security breaches of information involving personally identifiable information—even if the information has not been used. In most cases, the notification must also include a one-year credit monitoring service offer along with a new card or account number for each customer. Costs can be as much as $250 per customer per individual breach.
More than 40 percent of small businesses do not have an adequate IT security budget, according to a November 2016 survey by the Ponemon Institute. In addition, a 2016 study by the National Cyber Security Alliance suggests that 50% of small businesses close their doors within six months of a data breach. A data or cyber breach can not only cost a business money, but also their reputation.
Cyber Liability Insurance
According to the International Risk Management Institute, cyber insurance covers liability associated with the exposure or theft of customer personal information, such as Social Security or credit card numbers, resulting from unauthorized access of the electronic network. Cyber policies cover a variety of expenses associated with data breaches, including notification costs, credit monitoring services, costs to defend claims by state regulators, fines, penalties, and loss resulting from identity theft.
Cyber policies also cover liability arising from website media content as well as breach related property losses such as: (a) business interruption, (b) data loss/destruction, (c) computer fraud, (d) funds transfer loss, and (e) cyber extortion.
Our office can provide your business with the right combination of coverages suited for your company. Cyber risk insurance is available at very reasonable premiums and helps protect your business from the losses associated with cyber liability.
For more information on cyber liability insurance click here
Examples of Cyber Breaches
- A manufacturer received a call and email from someone whom they believed represented their bank, asking for a verification of funds request. The CFO provided the information and $75,000 was removed from their account. The cyber thief was able to take $75,000 from the manufacturer.
- A small business was hacked by a local teenager who stole social security numbers and bank account data from customer files. The business incurred notification and credit monitoring costs as well as the legal expenses and damages from potential lawsuits. The result of the loss was more than $200,000.
- A restaurant had 200 credit card records stolen. The hacker was able to charge $120,000 on the credit cards. The restaurant incurred notification costs and direct damage costs of over $250,000.
- An employee of a healthcare provider lost a laptop while traveling. The laptop contained names, addresses, birth dates, and social security numbers for 150 patients. The company paid for one year of credit report monitoring to affected patients to mitigate future issues. The total cost was $25,000.
- A cybercriminal hacked into a small business’s internal processing system. Names, addresses, and credit card information for over 5,000 clients were captured out of the system. The results caused the small business to close its doors due to the cost of notification and liability claims.
- A charity with offices in several cities suffered a major data breach involving thousands of donors. As a result, the Attorney General in that State brought regulatory action against the charity.