What Is Cyber Insurance and How Does It Protect You?
With 80% of business leaders planning to allow part-time remote work after the pandemic, and more external devices connecting to computer networks as a result, businesses now face an even greater risk of cyberattacks. This prompts questions about cybersecurity. Is your business secure? How can you reduce your risk? Specifically, what is cyber insurance, and how can it protect you?
The impacts of a cyberattack can be immense, posing financial and reputational risks to your business and negatively impacting your clients. Recovery also can take a long time, potentially damaging business for months to come. Research from IBM indicates that it takes the average company 280 days to identify and contain a data breach and costs an average of $150 per record when customers' personally identifiable information is compromised or exposed.
Along with implementing advanced security solutions, cyber insurance can reduce these risks and the potential impact of a security incident within your organization.
What is cyber insurance?
Cybersecurity insurance provides liability coverage for your business if it experiences a security breach that exposes private data, such as a customer's account, credit card or Social Security number.
It's important to note that digital infrastructure often exists outside any general liability insurance you may have, as those policies usually only cover property damage and physical injuries involving your business.
A cyber policy may cost significantly less than the recovery costs associated with a security incident. Recent industry research indicates most businesses pay a median cost of $140 a month for cyber insurance, and 27% of small business owners pay less than $1,000 a year for this coverage. When you consider that the average cost of a data breach in 2020 was $3.86 million, along with the intangible costs associated with damage to your reputation and loss of customer trust, cyber insurance appears to be a much cheaper investment.
What does it cover?
Cyber insurance is beneficial to counteract many of the digital risks businesses currently face. These policies typically provide coverage for losses related to security incidents, such as malware, ransomware and phishing attacks. This includes the cost of hiring security experts to help you recover data and repair systems compromised by the attack, as well as some or most of the costs associated with regulatory fines or lawsuits from customers or third parties impacted by the breach. Some policies also include identity theft recovery services for customers who need them as a result of the incident.
Additionally, your business may be able to recoup the revenue lost due to the breach in the form of a payout from your cyber insurance provider. However, most insurers only provide benefits for business disruptions directly related to a security breach, such as a ransomware attack that prevents your business from accessing critical systems and performing your normal operations.
Every policy will be different, depending on your business needs and how much coverage you can afford. That's why it's important to assess your business risks, understand what cyber insurance offers and determine what type of policy is right for you.
Should you get cyber insurance?
Realistically, any business that collects external data should consider cyber insurance. However, the risk isn't the same for all.
If you're in a data-intensive industry, such as healthcare, technology or financial services, you should consider a cyber policy no matter the size of your business—especially if large companies outsource some of their operations to you.
However, if you're in a primarily cash- or check-based business, such as construction, landscaping or home repairs, and you rely on paper-based processes for most operations, don't collect a lot of client data or aren't yet profitable enough to offset this insurance cost, then it might be best to wait and consider cyber insurance in the future, as your business grows and develops.
Many small businesses that collect client data assume hackers won't target them—they think hackers would focus their efforts on larger, more profitable businesses. Unfortunately, this isn't true. Small businesses without advanced security solutions or enterprise-grade cybersecurity platforms are prime targets for hackers.
Part of providing great service now means doing everything possible to protect your clients' information and your business's critical systems. Cyber insurance may offer the best solution, and at the very least, shows you care about keeping things secure.
Financial insights for your business
This information is provided for educational purposes only and should not be relied on or interpreted as accounting, financial planning, investment, legal or tax advice. First Citizens Bank (or its affiliates) neither endorses nor guarantees this information, and encourages you to consult a professional for advice applicable to your specific situation.