What is cyber security insurance?
Does your business maintain electronic records with personal data on your clients? Is your company prepared to absorb the significant financial implications associated with an unauthorized breach of that data? Could a virus cripple your PC network? If so, do you have enough cash reserves to make up for the downtime or can you survive the loss of business?
If you cannot answer any of these questions, it may be the right time to call your insurance agent and ask about cyber security insurance. That is a catch-all term for policies that cover hacked computers, virus attacks, denial-of-service attacks, web content liability and other technology-related areas. Cyber security insurance also goes by e-commerce, e-business,
information security, cyber risk, network security or hackers insurance.
As a business owner, you know that electronic records and data are just as valuable, if not more valuable, than paper or hard-copy documents. Although not physical in nature electronic data is nonetheless “essential” in all aspects of your business activities and has intrinsic value.
Cyber security insurance is designed for the protection of intangible data. It can be easily explained as coverage for professional errors and the risk of doing business on the internet or working with a network system. In you are automated, then you are susceptible to the threat of a breach of your systems, your data and your trust. Anyone who is running a business (or someone who is just starting out) really needs to consider this coverage as much as they would consider any other aspect of their business insurance needs.
Is there anything I can do to reduce my cyber security risk exposure?
You can reduce your risk by:
• installing audit features that monitor logon and logoff activities,
• providing warning that unauthorized users may be subject to monitoring and prosecution,
• developing and implementing a trap and tracing mechanism with your local telephone company,
• implementing systems that identify outside callers,
• reporting significant security breaches to relevant government agencies,
• implementing policies and guidelines regarding the use of computing and information
• encouraging employees to use encryption technologies, if appropriate; and
• implementing security upgrades when they become available.
Why should I consider cyber security insurance for my business?
A few examples of why you need and should consider cyber security insurance:
• Costs you could incur to make the proper mandatory notification to your customers if a breach of your system occurs. Many states have mandatory notification requirements which require business owners to properly notify their customers when a security breach has occurred. Some states also require these business owners to provide their customers with free credit reports for a year, which can become quite costly.
• Misuse of any information, which is either confidential or subject to statutory restrictions on its use. Do you have any personal or confidential data on your system that a hacker would want and could gain unauthorized access to?
• Defamation. You, as a company, have a direct responsibility for what is on your website. Companies also can be held responsible for their employee’s email content.
• Transmission of a virus. Did you know that a company could be held liable if a third party contracts a virus from your company’s website or email and as result, that third party suffers a loss as a direct of that virus?
• Legal costs incurred in the defense of an action for loss. Do not forget about the costs involved just to defend accompany when a third party accuses or sues because of the harm or lost revenue caused to their company by your system’s breach.
Some states require you to notify each individual that has been affected due to a breach of your data. A recent study by Digital Forensics Association of data breach occurrences from 2006-2010 reports people’s records were “lost” on an average of 15,000 records per hour over that time span, which cost businesses more than $156 billion. Moreover, the frequency of attacks increased in 2011. Small-to-medium sized businesses represent prime attack targets for many hackers, who favor highly automated, repeatable attacks against these more vulnerable targets.
What does a cyber security policy typically include?
• Legal liability for damages to third parties, caused by a breach of network
security,
• Coverage for loss caused by an administrative or operational error,
• Breach of privacy coverage for damages resulting from alleged violations of HIPPAA, state and federal privacy protection las and regulations,
• Customer notification expense reimbursement (policy sublimit will be set),
• Public relations expense coverage,
• Comprehensive business interruption expense coverage; and
• Cyber extortion reimbursement coverage.
If your company uses computers in any fashion to maintain or disseminate data on your clients, you need cyber security coverage. Call our agency for further information.
