No business is too small to catch a hacker's eye. If your company accepts credit cards or stores customer information digitally, you are at risk of being hacked. The biggest threat to most small businesses comes from someone compromising your point-of-sale system. But, unfortunately, that's not your only vulnerability. Email phishing scams, lost laptops, and employee theft are just a few of the ways you can lose confidential customer information.
To protect themselves, a growing number of small businesses are turning to cyber insurance. Here are five reasons why it may be a worthwhile investment:
- Data Breaches Are on the Rise
News sources tend to focus on massive data breaches from corporations and governments, but the truth is that smaller companies are being hit just as hard. In fact, 90 percent of data breaches impact small merchants, according to a Trustwave Global Security Report.
- Breaches Can be Financially Devastating
There are many costs that come in the wake of a breach, including, but not limited to, breach investigation, loss of business, attorneys' fees, regulatory fines, malware detection software, and legal settlements. Last year, breaches cost U.S. companies an average of $195 per record lost, the Ponemon Institute found. This doesn't even take into account the more nebulous costs, such as loss of reputation and future clients.
- Clients Increasingly Require Cyber Insurance
If your clients trust you to keep their data safe, they also probably want you to have cyber insurance. According to a PricewaterhouseCoopers study, the number of breaches attributed to partners and vendors rose from 20 percent in 2010 to 28 percent in 2012.
- There is Cyber Insurance for a Number of Risks
Today most major insurers offer multiple forms of cyber insurance, and premiums will depend on the type of coverage you buy. For instance, first-party insurance applies to the direct costs you incur as the result of a breach. It can help cover notification costs, loss of income while your business was down, and customers' credit monitoring services. Third-party insurance covers litigation defense costs if clients or customers file suit against your business for neglecting to protect their data. Companies can buy either or both types of coverage.
Your Current Insurance May Not Provide Sufficient Coverage
General liability policies usually cover physical property, but not digital property. So if an irate customer takes a hammer to the server that stores cardholder information and client data, you may be covered by your general liability policy at least for the equipment. But if an employee falls for an email phishing scam and causes you to disclose protected customer information, you are probably out of luck unless you have cyber insurance. Talk to your insurance agent about what your general liability policy covers, and what type of insurance might be best based on your unique business risk profile.