You’ve undoubtedly heard news stories about big companies like Target and Equifax having their computer networks breached and their customer data stolen. Depending on the nature and severity of the breach, these companies can face massive lawsuits, hefty fines, and see their reputations negatively impacted by the resulting media fallout.
To guard against cyber threats, businesses of all sizes are beefing up their cyber security systems and establishing strict data-security protocols. But with increasingly sophisticated and complex threats, even the best security systems can fail, leading some businesses to invest in cyber insurance, also known as cyber liability insurance.
Here are answers to a few frequently asked questions to help you better understand what cyber insurance is and if your business might need it.
Q: What is cyber insurance?
A: Cyber insurance offers protection against damages resulting from threats to your computer systems and data, such as data breaches, hacking, network failures, and other events. If your business’ computer network is breached and your data is lost, stolen, or compromised, the cost to recover and restore this valuable information can be extensive.
What’s more, you can also be held liable for damages to third parties, such as customers and vendors, whose data was stolen from your system. Additionally, most states now have notification laws requiring you to inform those affected by a data breach, a process which can be quite costly, especially if you have hundreds or even thousands of customers to contact.
Q: Who needs cyber insurance?
A: Although it used to be that only large companies had cyber insurance coverage, practically every business stores and processes sensitive data in one way or another these days, so even relatively small operations are purchasing policies. If you collect and store third-party data, such as names, addresses, Social Security numbers, and/or credit card numbers, you may want to consider a cyber insurance policy.
Whether it’s a sophisticated hacker or simply a stolen company laptop, with just one breach, your business could face serious expenses. Putting cyber coverage in place can reduce the potentially ruinous costs related to a breach, including forensic investigations, data restoration, legal liability, and customer notification.
Q: How does cyber coverage work?
A: Individual policies vary, but most cyber insurance providers offer both first-party and third-party coverage:
First-party coverage applies to losses that your business directly sustains as a result of a breach. For example, this coverage would apply if your company’s data was damaged or stolen by a hacker and you need to recover it.
First-party coverage pays for costs related to investigative services, business interruption, and data recovery. It also applies to the cost of notifying customers and paying regulatory fines. Some policies will even cover the cost of hiring a public-relations firm to mitigate the damage to your company’s reputation following a breach.
Third-party coverage applies to lawsuits and/or claims from people who are affected by your system being breached. For example, this would apply if a client sues you for negligence after his or her personal data was stolen from your system during a breach.
Third-party coverage pays for lawyer fees, judgment and settlement costs, and media liabilities, such as copyright infringement. Some policies will also cover the cost of establishing credit/fraud monitoring services for third parties whose data was stolen from your system.
Assessing your cyber liability
It’s important to point out that cyber insurance is no substitute for having strong cyber security systems and practices. Instead, cyber insurance offers a supplemental layer of protection, and investing in both internet security systems and cyber insurance often provides the most robust protection from today’s increasingly numerous cyber threats.
However, not all businesses need cyber insurance. And among those that do need it, some will need higher levels of coverage than others. Meet with a Family Business Lawyer®, so they can assess the risk your particular operation faces and discuss the types and level of coverage to best protect your business. Contact one today to schedule an appointment.