Small business owners are not exempt from the risk of a cyber attack. The loss of customer data is a financial disaster, and with cyber breaches becoming more common and affecting even the largest businesses, from banks to retailers to online giants with comprehensive security, it’s well worth ensuring your business has adequate cyber insurance.
The costs of a cybercrime
The financial losses that a business will experience after a cyber attack are extensive and include:
- Legal costs
- The cost of a forensic investigation to identify who was affected by the breach
- Potential fines and penalties
- Credit monitoring for affected customers
Cyber insurance and exclusions
Every cyber insurance policy is different – and the differences are in the fine print. Your policy has exclusions that must be fully understood. A full review of your cyber insurance policy is a critical aspect of ensuring your business is fully protected. Your company̵7;s cyber insurance does not cover losses related to stolen intellectual property rights or copyrights.
An insurer may reject a claim if it is found that the policyholder failed to protect business data. Most of these policies exclude losses related to war, invasion or insurgency, which thankfully are very unlikely events. Exclusions for “prior acts” mean that if your business had a crime before the policy came into force, it is not covered. This poses a problem, as some cyber breaches are not discovered until months after the fact. Always keep your cyber insurance up to date and don’t let any lapse, just for this reason.
Types of data breaches affecting US businesses
- Breach of privacy: These attacks involve an outside individual accidentally gaining access to private company and customer information. When this occurs, the affected patient, customer or client may file a legal claim against the company seeking compensation for disclosing private information.
- Accessibility Violation: This type of breach is usually associated with ransomware, when huge blocks of data can be lost or destroyed, even if the ransom is paid.
- Stolen information: An employee can access client information on a home device or phone, opening the door for bad actors to gain access to client data, which they then sell to others involved in criminal activity.
- Confidential data breach: An individual, either inside the business or outside the business, gains access to private information and steals it from the business. These violations may not be noticed for many months, as the individual may be working within the company and left no visible trail.
Will fines be assessed after a cyber attack?
When a business has been the victim of a cyber attack, credit card companies can assess fines. Your cyber insurance policy will have limits and deductibles, which should be reviewed carefully. The losses to a business due to a cyber breach can be so expensive that an exposed business may have to close.
Get help when choosing your company’s cyber insurance
The best way to protect your business from the losses of a cyber breach is to work closely with a local agent to select the ideal policy for your business. If you feel your current policy may not provide the coverage you need, your agent can check the market to identify the policy that best fits your business, provides the best coverage, and has the lowest rates.