What is cyber insurance?
Business owners know they need certain basic types of insurance, depending on their particular risks: general liability in case someone hurts themselves, commercial property to protect your place of business from break-in or theft, or workers’ compensation if an employee is injured on the job.
But fewer people have considered the extent of their exposure to online risks. Fortunately, at W3 we provide cyber liability insurance that protects you from the growing threat of data breaches and cyber crime, and covers the significant costs that can follow.
Who needs cyber insurance?
Cyber crime affects everyone. But many businesses don’t realize the risks. 91% of small businesses don’t have cyber insurance, and 54% of small business owners think they’re too small to be targeted.
But that’s not the case. While big attacks on large companies make the headlines, small-to-mid-sized enterprises have less cyber infrastructure and therefore have greater vulnerabilities to hackers. Over 40% of cyber attacks are against organizations with fewer than 250 employees, and 60% of small businesses that are the victims of a cyber attack close permanently within six months.
That’s because the consequences of a data breach can be extremely expensive. Finding out exactly what happened is costly and complicated, and your business may lose money while you’re determining the scope and origin of an event like a denial of service attack, which prevents users from accessing your network. 40% of small businesses experience eight or more hours of downtime following a breach of their cyber security.
On top of that, companies often have a legal obligation to notify customers of an event when personally identifiable information (PII) is compromised. This sudden workload, along with any subsequent complaints or litigation, can impose significant and unanticipated costs. Small businesses spend an average of $955,000 to restore normal operations in the wake of a cyber attack.
What does cyber insurance cover?
Industry experts say a small business’s cyber security budget should be at least 3% of a company’s total spending. Yet, four out of five small businesses don’t have any money set aside for dealing with a cyber attack – and over half have no plans in place for how to respond.
Fortunately, cyber insurance covers a wide array of potential expenses following a security breach. These can include:
- Incident investigation
- Notifying customers about a data breach
- Legal fees and expenses related to litigation
- Repairing damaged computer systems
- Recovering lost or stolen data
- Providing credit and information monitoring for affected users
Remember: cyber attacks don’t just damage your computer system. The theft of customer or employee information can also damage your company’s reputation. Much of your response to a data breach will focus on restoring trust with your customers.
How do I become insurable?
New cyber threats are constantly emerging, and that makes it particularly challenging for insurers to assess your level of risk. Consequently, a minimum standard of existing security is necessary for your business to be eligible for cyber insurance protection. You’ll need (in order of importance):
- Multi-Factor Authentication (MFA) – for employee email and remote access. 63% of confirmed data breaches leverage a weak, default, or stolen password. But MFA requires the use of two or more components to authenticate a user’s identity before granting network access.
- Offsite backups of critical data – safely secured backups, either in the cloud or accessible offline, prevent cyber attackers from gaining total access to your information. This can help you easily and quickly restore files that have been compromised.
- Encryption – encryption encodes information, either in storage or in transit, to make it inaccessible to third parties without a key.
- Endpoint Detection and Response (EDR) – EDR is a type of cybersecurity that uses a central data repository to observe and analyze vulnerabilities and suspicious behavior on desktops, laptops, and mobile devices that are connected to or accessing a business’s network.
Insurance that Works for You
Understanding your risk is the first step in addressing the problem. At Wallace Welch & Willingham, we don’t just provide cyber insurance; we also equip you with a comparison service that will help you determine the best policy for your business. Similar phrases can refer to very different policy protections when you’re looking for quotes, so it’s important to know you’re comparing apples to apples. W3 will help you compare policies to find the one that fits your needs. Request a quote today!