For many business owners, cyber insurance is a discretionary purchase. Unlike property and commercial insurance policies, cyber insurance isn’t standardized, so it’s often viewed precariously—more as a luxury than a necessity.
Cyber insurance is also a new product, and many business owners don’t understand it, or why they would need to purchase it. The truth is, in today’s connected world, it’s more important than ever to be covered in case of a cyberattack, but it can be challenging to know what you need.
Get the Right Advice
When it comes to getting the right cyber coverage, one of the most important things you need is a broker that fully understands your business—one who can describe your operations as an employee would. Once you’ve chosen a broker whom you feel confident with, here are some questions you should consider to ensure you get the coverage you need:
- What type of data do we maintain in our system (or in our cloud provider)? What is my exposure if my data or systems are affected?
- If using a cloud provider for services, where is my data kept, and what contractual agreement do I have in place with them?
- How long can we continue to operate without our primary systems?
- How long do we anticipate it may take to recover from an incident?
- What internal controls do we currently use? For example, call back provisions to change banking information, employee training in cyber hygiene, advanced firewalls.
Get the Right Coverage
The current cyber market provides a variety of options. At first glance, different options can appear to be the same, but they can be dramatically different once you examine the policy wording. Even if the coverage titles are similar, the coverage may not be equal. Each policy has its unique terms, conditions, and exclusions that may modify the described coverage’s intent.
At the most basic level, Cyber Expense or Privacy Breach Notification Expense coverage can be added to traditional commercial insurance packages and is intended to provide limited coverage (commonly $25,000). It is designed solely to assist with basic costs, like paying for postage when you send notification of the privacy breach to affected individuals.
On the other end of the spectrum, there are stand-alone cyber liability policies that cover costs related to a network or security breach that results in the disclosure of personally identifiable information, personal health information, or third party corporate information.
While fully customized cyber liability policies are also available, the foundation of any great program should include coverage for:
- Third-party liability: Liability arising from the unauthorized disclosure of personally identifiable information, personal health information, or third-party corporate information due to a security breach or network failure
- First-party expenses: Coverage to help your business with the financial burden of expenses such as crisis event management, security breach remediation and notification, and computer program and electronic data restoration
- Cyber extortion: System disruption due to ransom or extortion demands, including access to experienced cyber negotiators and ransomware specialists
- Cybercrime: Social engineering and unauthorized electronic funds transfers
- Business interruption: Income replacement while you attempt to recover from an incident
Develop Your Plan
While getting the right coverage is essential, any cyber policy you choose should be a part of an overall Cyber Incident Response Plan that identifies:
- The types of information you have
- Who at the organization is responsible for initiating the plan
- Who to contact at which point
- How the response plan adapts to specific situations
Cyber policies are complex coverage documents, and it’s essential to note in the plan at which point each coverage is available, and how best to utilize the policy coverages. Certain coverages respond upon notice; others require prior written consent from the insurer.
No matter the size of your company, Cowan Insurance Group’s dedicated team of expert advisors will walk you through the steps to secure your business and get you the coverage you need. Contact us today to get started.