Over the past few decades, the world of work has gone through a revolution: high-tech and digital tools have pushed aside paper-based and analog practices. However, advancements in technology have not gone unnoticed by criminals. On the contrary, cyberattacks are increasingly common, affecting individuals, businesses, and entire countries. Hackers can gain access to your system and data and use that to steal confidential information, trade secrets, money, identities, and anything else that could be used for gaining influence or wealth.

Considering how dependent we all are on computers, cyber insurance is as essential as ever. Despite that, many business owners are oblivious to its existence and importance. This guide will take you through the basics of cyber insurance, what it covers, and how to get your money’s worth.

What Is Cyber Insurance?

Cyber insurance, also known as cyber liability insurance coverage (CLIC), is a policy for covering the costs associated with cybercrimes such as phishing, malware, ransomware, and distributed denial-of-service (DDoS) attacks. 

Typically, cyber insurance covers both first-party and third-party damages. 

First-party coverage applies to harm directly to your firm from a hacker attack or other cybercrime. Third-party coverage covers the costs you owe to other firms or people who have been adversely affected by an attack to your business.

Do You Need Cyber Insurance?

Cybercrime is increasing even as many other forms of crime are falling. Not even small businesses are safe. According to Symantec, 30% of phishing attacks in 2015 were against organizations with less than 250 employees. Furthermore, Symantec’s 2016 Internet Security Threat Report revealed that 43% of all attacks in 2015 had been against small businesses.

Clearly, small businesses could use the extra protection and peace of mind that insurance provides.

What Does Cyber Insurance Cover?

Cyber insurance coverage is split into two: first-party and third-party coverages.

First-party coverages typically include:

• Loss of income and additional expenses: Following a cyber-attack, you will likely accrue high costs from a computer system failure. Any resulting loss or expenses will be covered. 
• Loss or damage to electronic data: If electronic data or programs become damaged, destroyed, or stolen in a data breach, you will be covered for the cost or replacement or restoration, irrespective of who was the owner of the data.
• Cyber extortion: If a hacker threatens malicious actions unless you pay their demand, you will be covered for any costs you incur. This includes paying the extortion payment.
• Notification costs: It can be expensive to notify all affected parties in the event of a data breach. You will be covered for the related expenses.
• Reputational damage: Also known as crisis management. Cyberattacks can negatively affect the public’s view of your business, resulting in marketing and public relations efforts to improve a company’s reputation. Some policies will cover these costs.

Third-party liability coverages include:

• Network security and privacy liability:  If a cyberattack (DDoS, introduction of a virus, or another security breach) is the result of an error, omission, or negligence in your business, then insurance will cover any claims against you. Additionally, allegations of inadequate protection for sensitive data will also be covered.
• Electronic media liability: A specific form of insurance that covers libel, slander, defamation, copyright infringement, and other similar issues if they are caused by a cyberattack.
• Regulatory proceedings: This will cover fines and penalties if you breach data laws. 

Third-party coverages are typically claims-made, which means that the policy covers claims no matter when the claim event occurred. This is a popular option when there is a delay between when events occur and when the claim is filed. This often applies to risks involved in business operations. However, the claims are only covered while the policy is active. 

Before You Purchase Insurance

Before you go to an insurance agency or sign any papers, do some research and familiarize yourself with the different factors that affect the policy’s cost. Here are some things you can do to ensure you get the policy that meets your needs at the most reasonable price:

• Review the specifics – Make sure your policy covers the cyberattacks that are the biggest risk to your business. Go over the exclusions as well to see in which situations you would not be covered. Also, check the coverage limits and evaluate whether they are reasonable given the size of your business. 
• Look for hidden fees – There might be small clauses in the contract that can be easy to miss, especially if you are not familiar with insurance legalese. When reviewing the contract, pay attention to any extra fees and conditions that determine how much you are expected to cover yourself. Also, ask the insurance agents directly about all the costs and fees.
• Understand the requirements – Does the policy entail any obligations on your part? Ensure you can meet the specifications.
• See if you can get a bundle – Find out if the policy is standalone, or if it comes with extra business insurance. Purchasing insurance together in a bundle with one company can save your business money. 
• Evaluate whether you need additional coverage – Additional coverage will increase your costs. However, it will also provide additional coverage in the event of a specific cyber-related issue.
• Take cybersecurity seriously – Taking extra steps to improve cybersecurity will reduce the cost of your premiums and it also makes things harder for the attackers. It is alway better to prevent a crime than to deal with the consequences.
• Make sure the policy can be updated later – Cybercrimes change over time, becoming more complicated as technology and software advance. Therefore, your policy must stay up to date, covering you for the latest cyber threats. 
• What about your premiums? You can choose to increase your deductibles to lower the cost of your premiums. However, you will need to cover the costs before you can make a claim. Additionally, ask the insurance provider what effect making a claim will have on your premiums. 
• Train your employees in cybersecurity – A cyberattack can start from something as simple as an unknowing employee opening a link in a phishing email. Establish cybersecurity guidelines and make sure all your employees follow them. This might also lower your insurance premiums if you can show that your staff is trained in cybersecurity.

Whether you want to get an insurance policy right away or take some time to evaluate your options, you can email us or fill out the free quote form on our website to get started.