Like other insurance models, cyber insurance (also referred to as cyber liability insurance or data breach insurance) provides coverage for a type of loss. In the case of cyber liability insurance, this type of loss would include the impact of data breaches and cyberattacks. In this article, we'll cover the top-asked questions about cyber insurance and some expert tips for getting the right coverage at the right price.
The Importance of Cyber Liability Insurance
The changes spurred by the pandemic have impacted every industry, but if there is one group that most benefited from those changes, it’s cyber criminals. That’s why cybercrime has shot up by almost 300% since 2020. You know your organization must adopt the necessary measures to stay protected from cyberattacks, and one of these measures is to have cybersecurity insurance coverage.
What is Cyber Liability Insurance?
Cyber Liability Insurance covers financial losses that result from cyber events such as data breaches. However, cyber liability is not typically included within general business liability insurance and must be purchased separately. Each company offering a policy has different coverage options available, and different coverage exclusions as well.
Why invest in Cyber Liability Insurance?
Experts estimate that the damage inflicted by cybercrimes will add up to about $10.5 trillion globally by 2025. That’s higher than the GDP of the world’s third-largest economy, Japan, which sits at $5.38 trillion.
These recent statistics stress why organizations of all sizes and industries must consider cyber liability insurance:
- 85% of MSPs report ransomware as a common threat to mid-sized businesses
- Municipalities, Healthcare, and Education are within the top 5 sectors impacted by cyberattacks
- 68% of organizations have experienced one or more endpoint attacks that successfully compromised data
Having cybersecurity liability coverage could be the difference between your business sinking or staying afloat. Without cyber liability insurance, the various expenses you have to bear after an incident could financially harm your organization in the short term or, in the worst case, could result in the permanent closure of your business.
Here are a few expenses that an organization would have to manage following a severe cybersecurity incident:
- Cost of downtime
- Cost of investigation
- Cost of recovering data
- Cost of legal procedures
- Cost of notifying stakeholders about the incident
- Cost of restoring the personal identities of those affected
Good cyber insurance will cover these expenses, but always remember that before you commit to a policy, you must get clarity from your insurer about what they do and do not cover.
Does your business need it?
Any venture with cyber exposure must consider having cyber liability insurance. However, if your business handles or stores sensitive information online, such as electronically protected health information (ePHI) or personally identifiable information (PII), cyber liability insurance should be your top priority.
Make sure your cyber liability insurance has the following essential coverages:
- First-Party Coverage:
- Network security and privacy liability. Covers breach response costs like forensic investigations, public relations, credit monitoring, legal fees and fines/penalties.
- Business interruption losses and extra expenses. Covers lost revenue and added costs to continue business.
- Digital data recovery and cyber extortion expenses. Covers losses such as ransom paid due to ransomware.
- Third-Party Coverage:
- Cyber liability. Covers claims of lawsuit expenses resulting from breaches in client systems or networks.
- Media liability. Covers claims of libel, copyright/trademark infringement, etc., resulting from media use.
- Cybercrime Coverage:
Covers losses from digital theft of money or securities and social engineering fraud.
How do you choose a carrier?
Finding the right cyber liability insurance provider is not easy. While most insurance providers offer general liability coverage, they don’t always offer comprehensive cyber liability coverage. It is always ideal to choose an insurance provider rated ‘A’ or higher by the most reputable insurance rating agency.
Remember, just committing to a policy is not enough. You will also have to track and measure compliance with the agreement to make sure your contract is always valid and will, therefore, pay out in the event of an issue. Having the right partner by your side simplifies this process.
What are the requirements for coverage?
Insurance providers’ claims are increasing and costs are going up, therefore they are becoming more diligent and selective in their client risk levels. Here are the top 5 "Cybersecurity Basics" most providers are looking for:
Where Does Cyber Risk Come Into Play?
Evaluating your organization's cyber risk, both before obtaining coverage and regularly thereafter, is crucial not only for your cyber insurance policy costs but also for the likelihood of an insurance payout when you submit a claim.
While reviewing your claim, your cyber insurance provider will assess whether you took “due care” to protect your business from being compromised by a cyberattack. That’s why it is important to thoroughly review the terms of your cyber insurance policy and ensure that any risks that could lead to non-compliance are remediated. Not only will this leave you more protected from an attack, it will also be critical for the outcome of your cyber insurance claims.
What to Expect When it's Time for Renewals
The cyber landscape is constantly changing. For insurance providers, this means increased attention to detail and applying new standards as a response to large breaches and attacks. For years, experts have been stressing the importance of 'Assume Breach Mentalities' and active cybersecurity frameworks. Because of this, insurance providers are now putting a stronger emphasis on both pre- and post-breach systems.
As a rule, assume that your provider will expect to see improved security posture year-over-year when renewing policies. While the specifics may vary, a continued improvement mindset will help you stay secure and stay insured.
Ascend Can Help
Whether you are looking to find a cyber liability insurance policy that is right for your business, evaluating your risk and qualification level for a new policy, or looking to measure your compliance with existing cyber liability insurance contracts, we are here to help.