For most businesses, covering liability with an insurance policy is very common and usually necessary in order to operate. However, there is a relatively new product on the insurance market –cyber insurance– that provides specific coverage for cyber or internet related threats to a company’s data and reputation. And yes, this is a separate coverage – don’t expect your standard property and liability insurance policy to cover cyber risks.
If your business is breached by a computer hacker – what are the specific “cyber risks” that you could face? According to the National Association of Insurance Commissioners (NAIC), some examples include:
From the insurance company’s side – cyber insurance is a rapidly growing and changing market. There is no standard or “one size fits all” cyber insurance policy that an insurer will offer a business. Different companies will offer different coverages. As with all insurance, there will always be exclusions (i.e., claims the insurance company won’t pay for).
So determining what risks your company has is a critical first step before buying this type of policy. For instance, retailers and health-related companies are two industries that have more cyber risk – simply because they process credit or HIPAA information on a day to day basis – and are a bigger target of cyber criminals. Ironically, small businesses may have more cyber risk for the same reason – hackers know small businesses usually have less data protection than larger companies.
Bottom line – with data and computer breaches becoming more common and visible – most businesses should at least consider purchasing a cyber insurance policy as part of their overall security and disaster recovery plan.