Cyber liability insurance may not be the first thing that comes to a business owner's mind when he or she is contemplating insurance coverage for their company. But any quick glance at the news demonstrates the increasing threat of cyber attacks and data breaches faced not just by big-name corporations, but by businesses of all sizes across the U.S. Consider these potential threats to your business:
- A breach of your social media account
- The leaking of confidential client information
- Compromised data security due to employee errors
- Identity theft, computer virus, or phishing scams
Any of these cyber attacks can have a devastating effect on a small business. Hackers who gain access to sensitive customer information (Social Security numbers, credit card numbers, home addresses, etc.) can wreak havoc on those individuals' lives. As if that isn't bad enough, hackers can also siphon off a business's capital and ruin the owner's credit.
Most traditional business insurance policies don't cover the range of expenses incurred by a cyber attack, such as:
Interruption of Business Operations
A business that gets hacked generally must shut down for an unspecified period of time to investigate how the attack occurred and the extent of data compromised (which may require hiring experts to analyze and recover lost information). This can entail days or even weeks of lost revenue—not to mention a further loss of sales due to bad publicity and a drop in customer confidence.
Customer Notification and Discounts
Time and effort are involved in notifying customers of a data breach, as well as devising offers of discounts or credit card monitoring in order to placate these customers and hopefully retain their future business.
Any response to a cyber attack will likely involve a system-wide overhaul of security (new software and infrastructure, training staff in new procedures, etc.). Also, many merchant service arrangements stipulate that the business owner is liable for the costs of a forensic investigation, reissuing of credit cards and other related costs.
Depending on the size and scope of a business, it may be necessary in the wake of a cyber-attack to hire a crisis management firm to help rebuild the damaged brand.
Clearly, the scale of potential damage is more than most small businesses can sustain without proper insurance coverage. That's why cyber liability insurance is well worth considering for your business, both as part of a comprehensive information security plan and in tandem with your regular business insurance and employment liability policies.
As with any insurance coverage, policies differ in what may be covered. When you look into what's best for your business, keep these elements in mind:
- Coverage of all devices that could be stolen or lost (mobile phones, laptops, tablets)
- Protection against hacking and viruses
- Liability for slanderous blog content
- Data corruption and/or theft
- Crisis management (public relations assistance, brand-rebuilding efforts)
Cyber liability insurance assists with preventive and risk management policies, as well. The right carrier will help you create the best possible firewall protection, tailor appropriate social media policies, offer business interruption protection, and cover legal fees incurred by judgments or settlements. Start by contacting an insurance representative to determine if they offer this type of coverage, or speak to an independent agent who's knowledgeable in this area.
It's difficult to overstate the importance of protecting the data stored and used by your business, as well as the trust of your customers. A customized cyber liability policy may make the difference between recovering from a cyber-attack and losing everything you've worked so hard to establish.