There are 3 insurance policies that can go a long way towards protecting your business from an attack.
This is a guest contribution from Mitchell Sharp.
In today’s business environment, it is nearly impossible for a business to not be a target for a cyber-attack. Cyber security is no longer just a problem for big businesses. Two of the largest data breaches in history, Target and Home Depot, were started by hacking a small business first. Many businesses still seem to underestimate the threat and the severity of the cost it could bring upon their business. What many of these same business owners fail to fully understand is that most cyber insurance policies can be added to a bundle of insurance policies for as little as a few hundred dollars depending on the size and scope of your business. There are three main policies that protect your business from a data breach. The first two are data breach and cyber liability coverage. These are typically sold in a pair because if you need one it is not wise to go without the other. The third policy Is technology errors and omissions insurance. This is a policy not all business need, but is extremely important to secure if you are a business who does sell and service technology products.
The seriousness of cyber security has never been more evident than in today’s business climate. According to the Ponemon Institute, a leading independent research tank focused on privacy and security, the average cost paid for each lost or stolen record containing sensitive and confidential information was $154 in 2015. If you lose the records of just 50 customers that can amount to more than $7,000. Most data breaches result in the loss of significantly more than 50 records. This same study from the Ponemon Institute, found the average total cost of a data breach is just under $4 million. For this reason, it is very wise for most companies to secure some form of cyber insurance. Here are the three main policies that can protect your business when a data breach does occur.
Data Breach Insurance
Data Breach Insurance is a policy that covers your business from the damage that occurs to you and your business. Within the insurance industry it is also referred to as Cyber Security and Privacy Notification and Crisis Management Expense Insurance. No matter what term you or your insurance agent use for this coverage it deals with the immediate response costs associated with a data breach. This coverage does not include the liability your business faces to third parties as a result of a data breach.
Some of the costs associated with this type of coverage include:
- Hiring a forensic expert to locate the source of the breach and fix it.
- Hiring a public relations firm to repair your businesses damaged image.
- Setting up a post breach call center.
- Notifying affected individuals whose personal information was breached.
- Offering credit monitoring services to those affected for up to one year.
Cyber Liability Insurance
Cyber Liability Insurance is the type of policy that covers third party liability. This is the type of liability your business has to other third parties who may be damaged by a data breach that occurs within your business. It is also frequently referred to as Information Security and Privacy Insurance. This type of policy covers the insureds’ liability for damages to outside third parties as a result of a data breach occurring within your business. This type of policy will protect business that sell products and services directly on the internet. It also protects businesses that collect data on their customers and stores it within their internal electronic network. The common types of information that are lost include name, address, social security number, username and passwords, credit and debit card numbers and bank account information. It can also include information about your employees, not just customers and vendor partners.
Although a data breach is the most common way this information is accessed, but it is not the only way the policy can be activated. Here is a list of other ways information is frequently stolen:
- An employee’s car is broken into and a laptop containing personal information is stolen.
- An email containing sensitive employee or customer information is sent to the wrong person.
- Important customer paperwork, such as a credit application, is taken during a break-in.
- Damage to data stored in the insured’s computer systems belonging to a third party.
- Transmission of malicious code or denial of service to a third party’s computer system.
- Failure to timely disclose a data breach.
Technology Errors and Omissions
Technology Errors and Omissions Insurance is a special form of liability coverage designed for companies that provide all types of technological services and products. It is a similar to professional liability for lawyers or medical malpractice for doctors, except it is specifically for technology companies. This coverage prevents businesses from bearing the full cost of defending against a negligence claim made against their company and the damages awarded in a civil lawsuit. When determining if your business needs this coverage it is important to consider if your company may experience something like a software glitch that may cause a client to lose important data, a flawed program your business designed or installed could prevent a client from sending or receiving orders or if a faulty code could prevent a customer from being able to process credit and debit card transactions. This coverage may be needed for graphic designers, digital marketing companies, information technology companies and computer software companies just to name a few.
Mitchell Sharp is a Marketing Associate for General Liability Shop. Mitchell has extensive knowledge of workers’ compensation and cyber liability. His passion is in using his knowledge of commercial insurance, social media and content marketing to benefit the small business community.