Cyber cyber cyber… This is one of the hottest topics in the insurance industry today. You may already have cyber insurance, or you might be considering getting coverage — in either case, you’ll likely be asking, “what does your cyber insurance actually cover?”
who needs cyber insurance?
While some general liability and professional liability policies include basic cyber liability coverage, additional coverage is often needed. Businesses that store personally identifiable information (PII) for employees and/or customers should have additional coverage.
what does cyber insurance protect you from?
Cyber breaches can occur in a multitude of ways. They can be executed through phishing emails, viruses, ransomware, or other malicious attempts to corrupt your data.
The best way to begin protecting your data is to establish internal safeguards with cyber security. This includes strong passwords, monitoring electronic device access, and using different software tools.
Email scams such as Business Email Compromise/Email Account Compromise (BEC/EAC), are sophisticated scams that target both businesses and individuals who perform legitimate transfer-of-funds requests. In addition to those email-based vulnerabilities, there is an increase in other cybercrimes that threaten businesses (especially those that are remotely operated). According to Cybersecurity Ventures, a cyber attack will occur every 11 seconds in 2022, nearly twice the rate in 2019. With that being said, it’s important to ensure your business is covered in case a cyber attack does occur, with cyber security liability coverage.
There are a few types of coverage within a cyber liability policy. First-party coverage and third-party coverage help ensure you’re covered for whatever comes your way.
what else does cyber insurance cover?
First-party coverage includes coverage for immediate expenses related to the cyber breach. These expenses typically include:
- The cost of notifying employees and the public
- Marketing and public relations response that protect the company’s reputation
- Paying extortion money
- Repairing the damage to software and hardware
- The cost of business interruption and missed income while operations are suspended
- Other ancillary costs
Third-party coverage helps a company defend against lawsuits and legal claims. There are a number of lawsuits that can occur. Privacy lawsuits are covered under this coverage in case you have breached the privacy of customers and employees.
Regulatory body fines are covered, as well as media liability claims (copyright infringement, libel, or slander). Lastly, breach of contract and negligence claims are covered with third-party coverage.
Going into 2022, there is likely going to be a change in coverage. Read our blog cyber security: looking forward to 2022 for more insights.
cyber insurance for a remote workplace
A recent global industry study conducted by Tenable found that “eighty percent of security and business leaders said their organizations have more exposure risk today as a result of remote work.”
They listed three main factors that have increased cyber attacks in the 2-year wave of remote office that are important to understand as a business owner moving forward with cyber coverage.
- “Enabling a workforce without boundaries.
- Expanding the software supply chain
- Migrating to the cloud.”
These three factors are all present in remote workplaces, and give even more reason to understand what your cyber coverage actually covers.
One question we’ve received from clients is: What happens if a remote employee breaks their work computer while at home? In general, cyber insurance will not cover a broken laptop — but commercial property insurance might.
okay now my business is covered — now what?
If you have enrolled for cyber coverage, good for you! You’re taking one more step to help create a safe workplace for your employees. Even if your business is protected against cyberattacks, there are some steps you can take to further protect your business.
read the fine print
It’s important to fully understand what your business is covered for when it comes to cyber risk. At benchmark, we take the time to look into the meaning of a ‘network’ for your company’s policy. The policy might change or be limited to “software, hardware, devices, and other infrastructure owned, operated, or leased by the company.” Knowing what your network entails, how far-reaching it is, and what security protocols you have in place can affect the type, limitations, and cost of your cyber coverage.
set home-office expectations
In addition to understanding your policy’s details, understanding what your employees’ home offices are like is important to help prevent cyber attacks. A couple of ways to ensure that your remote employees have a safe environment to work is:
- Bring in an IT professional to evaluate the laptops and monitors being used or to help install a VPN.
- Set boundaries with employees about workspace (for example, only use your work laptop, not the family computer that multiple people are using).
- Provide cyber security training about red flags to avoid.
There are preventive steps you can take to improve your security protocols and reduce the cost of your cyber liability coverage. To find out more about how we can add cyber to your existing business-coverage, please reach out.