Does your business need cyber liability insurance?
If your company manages customer data, a better question might be how long do you dare go without it.
According to security expert Graham Cooley, the average cost per lost or stolen record is $148. Multiply that by the number of customers whose data or personal information your business manages and you’re looking at a pretty expensive liability in the event of a security breach.
Even a company that has invested in extensive cyber breach protection can’t guarantee nothing will go wrong. Humans make mistakes, and no security protocol in the world can completely eliminate that margin for error.
In addition, almost every business works with and stores customer information. Whether you’re selling tractors out of a warehouse or you’re consolidating credit card debt, if your business deals with sensitive customer data like credit card numbers, addresses, social security numbers, or other identifying information, protecting that data should be your highest priority.
Security breaches are common even here in Vermont — it happened to one of our local furniture retailers in the greater Burlington area just a few months ago — and the cost of a security breach has a significant impact on your business’s reputation as well as the bottom line.
Worried about business security? Get a free risk report without our technicians even setting foot in your office.
The Cost of a Breach
The real costs of a breach can be devastating.
Small businesses should not kid themselves that hackers only attack big companies with high profiles. Those breaches, the only kind you read about in the news, actually occur less frequently than security breaches within small-to-medium sized businesses.
The cost of recovering from a breach can quickly reach five and six figures, or in the case of a larger company like Target, millions. In the worst case scenario, a business that isn’t insured against cyber security liabilities may be forced into bankruptcy.
But there’s more than money at stake when a cyber attack occurs. Any breach will cause a slowdown of productivity, require new security protocols, and result in a loss of confidence among your customers. Productivity and finances can be recovered over time, but reputations are harder to rebuild.
Getting Prepared for a Breach
Every company should take security measures into their own hands.
Protecting access to your servers, ensuring security software is not only installed but updated on time, and instituting company policies for technology are a good start.
Begin by assessing your current level of preparedness. Then, fill in the gaps where you’re at risk. Once you’ve done that, you can apply for insurance that will cover the remaining margin of risk.
But remember, an insurance policy doesn’t guarantee a breach won’t happen—it only helps ensure you won’t go bankrupt if it does.
It’s the other security measures you incorporate on your own that will help prevent breaches in the first place. In addition to security safeguards and practices, you should have a security disaster plan in place so everyone will know how to respond if a hacker gets in.
Cyber Security Questionnaire
Before being approved for cyber liability insurance, businesses should do a self-assessment of their current security measures to see whether they’d be qualified. Ask yourself these questions to determine whether you’re following the recommended minimum practices:
Do you use a firewall or a virus protection program?
Do you perform regular and timely security software updates?
Do you replace factory default settings to securely configure information on your security systems?
Do you limit and control access to information that’s stored on company servers and computers?
Do you have a policy for creating work-related passwords?
Do you use encryption and authentication to protect remote access to your network?
Do you monitor accounts to flag and remove inactive accounts?
Do you monitor and control the downloading of data to external storage devices like tablets, smart phones, and flash drives?
These questions, or a version of these questions, will be found on most cyber security insurance policies. If you haven’t already implemented each of the security measures listed, you may have a harder time getting approved for coverage. Before you apply, make sure you’ve addressed each item on the list.
What Does Cyber Security Insurance Cover?
Cyber security insurance is one part of your overall security strategy.
Like other types of insurance, it covers damages and losses incurred in a specific manner. If your business falls victim to a cyberattack, your security policy will kick in to assist with:
Credit monitoring for affected customers
Crisis and reputation management
Investigation of the attack
The cost of insurance is scaled to the company’s size in most cases, and runs a fraction of the costs of losses that result from a data breach.
Today’s small businesses should use every tool available to protect their customers data and their company’s livelihood. New threats emerge all the time, and only thorough security measures that are monitored consistently will help combat them. Assess your current level of protection, then see where you can beef up your defense line.