Thousands of companies crippled by cyberattack!
Millions of customers’ credit card data compromised!
Hundreds of thousands of computers hit; ransomware demanded.
Unfortunately, headlines like these are becoming commonplace, and the range of companies hit by such attacks are both global and wide-ranging by industry. Small- to medium-size businesses are hardly immune. In fact, due to lower protections, they may be more vulnerable to cyber terrorists and hackers.
As we shared in our last blog post, IT security needs be at the very top of every business’s priorities. The simplest malware can cripple a business. The most vicious can bankrupt it.
Are Your Protected Already?
In case of a cyber-attack, what sort of insurance protections do you have in place? Probably very few. Most businesses are surprised at how scant their coverage is; and how costly the damage.
Most traditional commercial general liability and property insurance policies exclude cyber risks. That means most businesses have no means to recover their losses. This has led to the rise of Cybersecurity Insurance (sometimes referred to as Cyber Liability or Data-Breach Liability Insurance) as a new, ‘stand-alone’ line of coverage. That coverage can include protection from data destruction, extortion demands, hacking, denial of service attacks, crisis management activity related to data breaches, and legal claims for defamation, fraud and privacy violations.
Cybersecurity Insurance is so new, there are no real industry standards. Insurance company prices and exclusions vary widely. This makes finding the right insurance policy complicated. Businesses should carefully read their Cybersecurity Insurance policy to understand what is covered in the event of a security breach.
The Two Types of Cybersecurity Insurance
As explained by Techinsurance.com, Cybersecurity Insurance falls into two categories: first-party and third-party insurance, although some—but not all—policies cover aspects of both.
First-party coverage is most suitable for non-IT firms. It includes the payment of ransomware, the costs for notifying clients that their information was compromised or exposed, the costs of monitoring services for customers affected by the incident, and the expenses involved in launching a public relations campaign to restore the reputation of the company affected by the breach.
Third-party Cybersecurity Insurance covers companies who are responsible for the systems themselves. These may be the same companies who were breached, or it may involve an outside IT company or independent contractor. It offers liability protection resulting in the release of confidential data and the failure to anticipate or prevent the transmission of a virus to a third party.
Other areas Cybersecurity Insurance can cover include money stolen through an electronic crime, security breaches of employee confidentiality and business interruption insurance.
Will Cybersecurity Insurance Cover Everything?
Unfortunately, Cybersecurity is hardly a panacea for all your cyber threats. As Data Central Journal reports, “Cybersecurity Insurance is so new that underwriters remain unable to easily and accurately assess risk. As a result, they exclude items—such as product designs, software code and reputation loss—that are hard to quantify.”
International Data Group, the world’s largest tech media company, agrees. Per a recent article from their CIO magazine, “Cybersecurity Insurance doesn’t do a good job of covering intellectual property theft or the reputational damage and business downturn that can be caused by a security breach.”
Because of these gaps, you should always start by building a defense against the sorts of malicious attacks that Cybersecurity Insurance is designed to cover. Single Path can provide both—assistance in uncovering your Cybersecurity Insurance needs through a complete risk assessment, but also developing comprehensive IT security, from managed firewalls to proactive Desktop, Server and Network infrastructure patch management.
Cyber threats continue to increase, but by adapting the best security measures, combined with a recovery plan that includes Cybersecurity Insurance, a business will be poised to bounce back quickly. At Single Path, we have already helped businesses like yours do just that. As your IT partner, we will guide you every step of the way, providing expert and personalized advice on all areas of your technology.