Factors to Consider Before Investing in Cyber Insurance – AllBusiness.com

Cybersecurity isn’t just a big business problem. While huge corporations like T-Mobile and Microsoft have made headlines with recent data breaches, smaller companies have also found themselves increasingly at risk.

A recent report from the cybersecurity firm Sontiq found that in 2021, the data breaches posing the greatest risk to consumers were those launched against small businesses. Meanwhile, the breaches themselves are getting more costly. In fact, a 2020 analysis by Cybersecurity Ventures estimates that cybercrime will cost businesses $10.5 trillion globally by 2025—a huge increase from just $3 trillion in 2015.

With the threat growing, small businesses may be looking to further protect themselves. In many cases, cyber insurance is one of the best ways to do so.

Cyber insurance protects against liability in the event of a data breach, including those involving sensitive customer information. It can help cover the cost of data recovery and systems repair, as well as any legal fees or expenses involved in a breach.

So how do you know if cyber insurance is right for your business? To help you decide, we’ve broken down all the ins and outs.

Do you need to protect your business from cybercriminals?

The decision to purchase cyber insurance may ultimately depend on the field you’re in. In particular, companies that hold a large amount of customer data, such as financial institutions, manufacturing firms, and businesses involved in the health care or service industries, face a major risk.

This is mainly because companies that deal with a high volume of customer data—even smaller companies—have a great deal of value to hackers and scammers. And with the number of new business applications up, there’s simply more to steal. The average financial services firm, according to  software company Varonis, has more than 350,000 exposed, sensitive files; healthcare companies have more than 110,000.

Still, committing to another yearly insurance cost is a big decision. Here are three questions to consider when deciding if cyber insurance is a good investment.

Determining whether cyber insurance is a good investment for your business

1. How much does cyber insurance really cost?

Unfortunately, cyber insurance prices have been rising. In June 2021, insurance provider Howden Group reports that, globally, policy costs have increased by 32% year over year.

The cost can vary widely, though—the insurance company Progressive estimates that annual policies can range from $500 to more than $5,000. Every provider is different, but in a study of its own customers, insurance company Insureon found that the average is around $1,675 per year, or about $140 per month.

Of course, the cost of an actual breach can be much more severe. For example, the cybersecurity firm OSIbeyond reports that, as of last year, ransomware attacks cost small businesses an average of $84,000.

It all depends on how much liability you need. Businesses may pay more if they deal with a larger customer base, or if they handle sensitive information on a regular basis. Basically, if your business is considered high risk, then you’ll need a higher coverage limit. Additionally, companies that have made cyber liability claims in the past may face higher rates.

To find out an estimate, start by getting a quote from your insurance provider.

2. Are you prepared for a cyber attack?

The easiest way to know if you need cyber insurance is, of course, to know whether or not you’re vulnerable. Your field and clientele play a role in that, but so do the security measures you already have in place.

Unfortunately, many smaller companies don’t have cybersecurity on their radar. A recent survey by CNBC found that only 28% of small businesses said they had a definite plan for dealing with a cyber attack. Meanwhile, a whopping 42% said they had no plan at all.

But how do you know if you are prepared? Thankfully, the Federal Communications Commission (FCC) has a Cyber Security Planning Guide. To start, the FCC suggests doing an inventory of all of your data so you know what could be lost. From there, determine where to store your data and how to protect it from hackers.

It’s worth taking a look at the FCC’s guidebook. If a lot of it sounds foreign, then it may be worth adding new measures, as well as getting insurance to cover your weak spots.

3. What exactly does cyber insurance cover?

Cyber insurance covers a lot of scenarios that your general liability insurance won’t. Often, policies are broken down into two parts.

First, there’s first-party coverage, which protects against damages your business may suffer directly during and after a breach. That could include the price of recovering your data, the cost of paying for an investigation into the breach, and coverage for the lost business you may face in the process.

Then there’s third-party coverage, which covers damages to your customers or any business partners who could be involved in a data breach on your end. Here, cyber insurance could cover legal fees, settlement costs and other liability issues.

Best practices for keeping your data secure

Whether you purchase cyber insurance or not, it’s worth taking a hard look at your current security policies and seeing how you can improve. Here are a few easy tips:

Post by : Callie McGill

Callie McGill is a content manager at LendingTree. Covering an array of personal finance topics from insurance to small business, she works hard to provide unique viewpoints that empower people to make their best financial decisions. Callie earned her B.A. from Penn State University, and her work has been published on major networks like Yahoo! and MSN.

Company: LendingTree
Website: www.lendingtree.com
Connect with me on Facebook and Twitter.