What is cyber insurance?

Cyber insurance is there to protect you and your business in the event that you fall victim to a cyber attack. Whilst it cannot prevent the cyber attack from occurring, cyber insurance is an enormous help when you’re still in the recovery stages. It ensures that you don’t lose out when the business’ productivity drops and resources are diverted to crisis management and data recovery. Cyber insurance is there to help you get back on your feet as quickly as possible.

Every business, no matter how big or small, can benefit from cyber insurance. There is a common myth that hackers don’t target smaller businesses as they don’t view their data as being valuable or worth their time. As a result, too many SMEs take the risk of failing to buy cyber insurance.

In fact, every business is attractive to hackers and the tactics they now employ mean that they can target multiple companies at once. As well as gaining access to the company’s data, they’re also looking to access employees, customers and suppliers’ personal information, which you will almost certainly hold digitally. Even if the data isn’t of any use to the hacker, they can still hold it ransom and demand a fee.

What does cyber insurance cover?

The contents of a cyber insurance package will vary depending on who you go with and at what price, but these areas are commonly covered:

  • Data breaches- this could be the result of employee theft, the loss of a memory stick, a phishing email or other form of cyber attack.
  • Business losses- a cyber attack can dramatically reduce business productivity as you lose access to certain files and technologies, and resources are diverted to deal with the issue. Looking to the long term, the company may continue to suffer from repetitional damage and the impact of significant data loss.
  • Investigation- examining how the cyber breach was able to occur, what can be done to mitigate the damage and what actions can be taken to prevent a similar incident happening again.
  • Legal Costs- compensating any individuals whose data has been compromised, and fighting any legal battles.
  • Communication- a key element of crisis management is regularly communicating with those affected. You will need to notify all your customers, partners and suppliers as soon as you discover the data breach.

What to consider when choosing cyber insurance

When you’re looking around at different options for cyber insurance, we would recommend that you give serious thought to the following:

  • Are you covered for all cyber attacks or just ones where you were the intended target? If one of your suppliers is hit by a cyber attack, the interconnected nature of your business means that you might also be impacted.
  • Are you covered for cyber breaches caused by an employee’s mistake? When it comes to cyber security, the most innocent of mistakes can open the door to hackers. For example, unwittingly clicking on a malicious link or downloading a document. The chances of such mistakes occurring can be reduced through extensive employee training, but the risk remains.
  • Are you covered for social engineering cyber attacks? A highly sophisticated form of cyber attack, social engineering is when a hacker is able to trick an individual or company into revealing their data. By creating incredibly realistic looking emails, landing pages and forms, a hacker can lure you into inputting sensitive data, such as your address, banking details or account password.

I invest in cyber security. Why do I need cyber insurance?

Cyber security is constantly evolving. As hackers grow ever more sophisticated in their techniques and approach, cyber security experts are having to develop new ways to defend businesses against them. For the most part, the latest advances in cyber security are made available to businesses pretty quickly. Unfortunately, some cyber attacks do slip through the gaps before the necessary update has been made.

Investing in cyber security is the smart thing to do, but it doesn’t offer a 100% guarantee of protection. That’s why it is still worth investing in cyber insurance. Should your system be compromised and data stolen, deleted or corrupted, it won’t be you paying for the damage.