What if my business does not deal with computers? Does that mean I really don’t need Cyber Liability Insurance? What if I am the only person in my business who uses a computer? Doesn’t that mean I don’t face all that much risk? Let’s say I might need Cyber Insurance, but what kind and how much?
Do any of these statements sound familiar? If so, you definitely need Cyber Liability Insurance. The term Cyber Liability Insurance is used pretty generally because cyber security is such a young sector and the data about the risks are changing very rapidly. Business owners and insurance companies are still having trouble determining who is at risk and how much risk those businesses actually face. Just because this is a new type of insurance coverage does not diminish the importance it can have for protecting your business.
Many business owners think a data breach can only occur to a big multi-national corporation. For the big data breaches that make the news, this is certainly true, but the truth is most data breach first start out with small mom and pop businesses. These mom and pop businesses are first hacked with the hackers intention of gaining access to a much larger database. This usually occurs through carious types of vendor partnerships. In the case of Target and Home Depot both of these breaches were first accessed by a much smaller business partner, who was hacked. For this reason it is immensely important for you to talk with an experienced independent insurance agent about all the risks your business faces.
The three main types of Cyber Liability Insurance Coverage are Cyber Security, Cyber Liability and Technology Errors and Omissions Insurance. The first two deal with risks relating to a Data Breach. The third deals with companies that provide technology services and products.
Cyber Security Insurance is also known as Privacy Notification and Crisis Management Expense Insurance. This coverage includes coverage for first party damage to you and your business. This coverage does not protect your business from damage done to third parties. Cyber Security Insurance deals specifically with the immediate response costs associated with a data breach. In many cases it is required by law to find out how the breach occurred, notify those affected and provide credit monitoring services for one year.
Examples of costs included in Cyber Security Coverage include:
hiring a forensics expert to determine the cause of the breach, suggest measures to secure the site and prevent future breaches
hiring a public relations agency to assist in dealing with the crisis
setting up a post-breach call center
notifying affected individuals whose personally identifiable information (PII) has been compromised
monitoring these individuals’ credit (usually for 1 year)
paying the costs to “restore” stolen identities as a result of a data breach (e.g., expenses of notifying banks and credit card companies)
Cyber Liability Insurance, also termed Information Security and Privacy Insurance, covers the insured’s liability for damages resulting from a data breach. It does not cover expenses that deal with the immediate response cost. This type of insurance protects businesses which sell products and services directly on the internet. Also, it protects businesses which collect data within its internal electronic network. The most common forms of data breach involve personal or financial information like credit card numbers, bank account information, social security numbers, health information, trade secrets or intellectual property.
The types of situations where this information are accessed include:
An employee’s car is broken into and a business laptop is stolen.
An email containing sensitive customer information is sent to the wrong person.
Important paperwork, like a credit application, is taken during a break-in.
Failure to timely disclose a data breach.
Technology Errors and Omissions
Technology Errors and Omissions Insurance, also referred to as Professional Liability or E&O, is a form of liability coverage that protects businesses who provide or sell technology services and products. This coverage prevents businesses from bearing the full cost of defending against a negligence claim made by a client, and damages awarded in a civil lawsuit. This can include business who sell and service computer products, but it can also include graphic designers and advertising agencies who create digital content that can harm a company’s reputation. It covers computer programmers who may create faulty code for a website that causes that business to mail products to the wrong addresses.
Cyber Liability Insurance is a new and emerging part of the insurance industry and it is not going anywhere. These risks are only going to become stronger as more and more business operate online. Before too long Cyber Security Insurance will be a normal part of businesses insurance policy just like workers compensation Insurance and general liability Insurance are today. Now is the time to consider if and how much cyber insurance your business needs.