Cyber Insurance is a new and emerging part of the insurance sector. Most of the coverages are so infant that common terms have not yet been established by the insurance industry. Most of the risks associated with cyber technology are so new that many business owners still think they do not effect their business. Those business owner’s are wrong. In today’s day and age, it is becoming more and more difficult to operate a successful business without a presence online or without storing some type of information about your customers. In these situations a business must have cyber insurance or run the risk of being liable for all costs as a result of a data breach.
A normal General Liability Insurance Policy does not cover damages caused by most data breaches. This is a fact many business owner’s do not realize. Many business owner’s think General Liability Insurance is an all encompassing coverage. It is not all encompassing. Most General Liability Policies covers losses due to bodily injury and property damage. Third party information lost in a data breach does not fall under losses covered by a General Liability Policy. A separate Cyber Insurance Policy is necessary in addition to a General Liability Policy.
Frequently business owner’s think they just don’t have enough customers for cyber insurance to be relevant. They might think not enough people in their business even use a computer for business purposes or they do not have enough customers for someone to want to hack them, but the main way data is stolen is not from sophisticated hacking techniques. Data is often stolen by someone stealing a laptop. A stolen laptop could happen to any business, not just those who work with advanced computer technology.
When a data breach does occur, the average cost to a business is around $200 dollars per customer. If your business loses the information of 100 customers, it could cost your company $20,000. If that amount were 10,000 customers it would cost about $2 million. Could your business survive a loss of these amounts? If not than you need some form of cyber insurance.
There are three main types of coverage a company may need: Cyber Liability, Cyber Security and Technology Errors and Omissions. The first two deal with coverage resulting from a data breach. The third deals with companies that provide technology services and products.
Cyber Security is the term most commonly used to refer to first party coverage. First party coverage deals with damages to you and your company. These damages are often referred to as the immediate response costs resulting from a data breach. These costs include notifying all customers who are affected, hiring a forensic team to find out how the breach occurred and providing credit monitoring services for up to one year. These three costs are required by law in most states. Cyber Security Coverage would also cover costs like hiring a public relations firm to help repair your businesses tarnished image and setting up a post breach call-center to service customer concerns.
Cyber Liability is the term most commonly used to refer to third party liability dealing with a data breach. Some industry professionals may refer to it as Information Security and Privacy Insurance. Third party coverage deals with damages to anyone who is not you or your employee, who was harmed by the data breach. It includes customers whose data was stolen or vendors you do business with. This will pay up to the policy limits for court costs, defense costs, some fines related to the breach and lost monies that were stolen from those effected.
Technology Errors and Omissions
The final type of coverage is Technology Errors and Omissions Insurance. This type of policy is a form of liability insurance that helps protect businesses providing all types of technology services and products. This coverage prevents businesses from bearing the full cost of defending against a negligence claim made by a client, and damages awarded in a civil lawsuit. Costly mistakes can and will happen, even to employees with the best training and years of experience. Technology Errors and Omissions Insurance is designed for when these errors take place. A good example where this coverage is necessary would be if a web developer provided faulty coding that causes a business to be closed for several days because their website is down.
Not all businesses need all three of these coverages. The most common coverages businesses need are Cyber Liability and Cyber Security. Not all businesses will need Technology Errors and Omissions Insurance, but those that do typically are at a very high risk if not insured. Most insurance providers prefer to offer these coverage’s as a part of a Business Owner’s Policy (BOP). A BOP usually includes general liability, business property, business loss of income, EPLI and cyber insurance. Offering packages like this contain the cost to the business and helps ensure there are no gaps in coverage. In today’s business climate some form of cyber insurance is essential to all businesses. Is your business at risk?