Cyber Insurance 101

What is cyber insurance?

Cyber insurance protects businesses against Internet-based risks, and more generally from risks relating to information technology infrastructure and activities. There are generally two levels of cyber liability coverage: first-party and third-party. First-party coverage encompasses direct losses to an organization or individual, whereas third-party coverage extends to claims and legal action taken by customers or partners.

Coverage varies by provider, but most cyber policies cover expenses associated with data breaches, including: notification costs, credit monitoring, costs to defend claims by state regulators, regulatory fines and penalties, and loss resulting from identity theft. Some policies may also include coverage for extortion, funds transfer fraud, and loss of business resulting from an attack or systems failure event.

Why do I need cyber insurance?

According to the 2016 Cyber Claims Study published by NetDiligence, the total cost of cyber and privacy-related claims last year topped $114 million. Personally identifiable information was the most reported data breach, with credit and payment card information being one of the most frequently stolen pieces of data.

Premiums on a cyber liability insurance policy that's designed to support your business's unique risks and budget will cost a fraction of the amount you could spend recovering from a cyber attack out-of-pocket. Maintaining cyber liability insurance will help keep you operational after an attack, and it demonstrates to your customers that you care about their well-being and privacy.

The raw legal costs for being sued while uninsured or underinsured can be catastrophic, with the average claim for 2016 coming in at $665,000. For small and mid-sized businesses, not having cyber liability insurance in the event of an attack could threaten the basic sustainability of your business.

How much does it cost?

The cost of cyber insurance varies greatly depending on the type of business you have and depth of coverage you require. Though it can seem costly, it is minuscule compared to the out of pocket costs your business could incur in the event of an attack. Various studies have averaged the cost per record breached as $190-$200, which can add up to thousands or millions of dollars very quickly.

Can I protect my business without cyber Insurance?

There are many ways to mitigate the risk of cyber threats, including staff education, encryption, bring-your-own-device policies and password policies. However, even the most prepared businesses can be significantly impacted by the damages caused by cyber attacks. Cyber Insurance can help you recover from a data breach or systems failure by mitigating the associated costs that arise following these events and should complement cybersecurity technology as part of an overall cyber risk management plan.


Have more questions? Submit a request