Is My Business Covered in the Event of a Cyber Attack?
Small business owners are not exempt from the risk of a cyberattack. The loss of customer data is a financial disaster, and with cyber incursions becoming more common, and hitting even the largest companies, from banks to retails to online giants with extensive security, it is well worth ensuring your business has adequate cyber insurance.
The Costs of a Cyber Breach
The financial losses a business will experience after a cyber attack are extensive, and include:
- Legal costs
- The cost of a forensic investigation to identify who was affected by the breach
- Potential fines and penalties
- Credit monitoring for affected customers
Cyber Insurance and Exclusions
Every cyber insurance policy is different – and the differences are found in the small print. Your policy has exclusions that must be fully understood. A full audit of your cyber insurance is a critical aspect of ensuring your business is fully protected. Your business cyber insurance does not cover the losses associated with stolen intellectual property or copyrights.
An insurer may deny a claim if it is found that the policy owner failed to safeguard business data. Most of these policies exclude the losses related to wars, invasions, or insurrections, which are very unlikely events, thankfully. Exclusions for “prior acts” mean that if your business had a breach before the policy was in effect, it is not covered. This poses a problem, as some cyber breaches are not discovered for months after the fact. Always keep your cyber insurance current, and do not allow any lapse, for this reason alone.
Types of Data Breaches Affecting Businesses in the USA
- Confidentiality Breaches: These attacks involve an outside individual gaining access to private business and client information by accident. When this occurs, the affected patient, customer, or client can file a legal claim against the business to seek compensation for revealing private information.
- Availability breaches: This type of breach is typically associated with ransomware, when huge blocks of data may be lost or destroyed, even if the ransom is paid.
- Stolen information: An employee may access client information on a home device or phone, which opens the door for bad actors to gain access to client data, which they then sell to others involved in criminal activity.
- Confidential data breach: An individual, either within the business or outside the business, gains access to private information and steals it from the business. These breaches may not be noticed for many months, as the individual may work within the company and did not leave a visible trail.
After a Cyber Attack, Will Fines be Assessed?
When a business has been the victim of a cyberattack, credit card companies may assess fines. Your cyber insurance policy will have limits and deductibles, which should be carefully reviewed. The losses to a business from a cyber breach can be so expensive that an uncovered business may have to close.
Get Help When Choosing Your Business Cyber Insurance
The best way to protect your business from the losses of a cyber breach is to work closely with a local agent to select the ideal policy for your business. If you feel your current policy may not provide the coverage you need, your agent can check the market to identify the policy that best suits your business, provides the best coverage, and has the lowest rates.