Protecting Your Business with Cyber-Insurance

by Jeff Wiener on February 27, 2015

The world of cyber-crime is one of investment versus reward, a calculation whether the data the hackers are seeking is worth the time and risk it will take to access it. The unfortunate reality is that no network is absolutely safe, meaning all the network security, IT protocols, firewalls, security hardware and software in the world won’t provide absolute protection, all these things will really do is make hacking a network difficult enough that it won’t be worth the hacker’s time.

It’s for this reason why despite the best efforts of the security industry and IT departments the world over that cyber intrusions continue to happen on a daily basis, often with crippling results to the victimized companies. While such attacks are damaging, what could make them worse is if your company does not have the right insurance coverage to cover its losses.

In fact, while for most companies protecting physical assets and intellectual property with comprehensive insurance plans is a no-brainer, many companies really have little idea just how “comprehensive” their coverage is, and as retail chain Target recently discovered, many companies have no idea just how damaging a cyber-attack can actually be.

You may think your company is prepared for disaster, with communication fail-over protocols established, disaster recovery plans readibly available, and emergency plans in place. But what if the disaster that befalls your business is not from the physical world, but from the digital realm instead?

According to regulatory filings, when Target fell victim to a significant cyber-security breach in 2014 the company had about $100 million in insurance coverage, with a $10 million deductible. While some might think that amount may be prudent for a company like Target, consider that it stands as almost nothing compared to the estimated $1 billion in losses the company has suffered because of this crisis.

Simply put, not only do businesses need cyber-insurance to protect them from losses stemming from such attacks, they need the right amount of coverage as well.

The first step in this process for any business is to determine if you have cyber-insurance at all. Some insurance companies offer some level of cyber-protection as an add-on to general commercial policies, while others offer their own policies specifically tailored to cyber-protection.

“It would be wise to take a look at what coverage your company has, what is available, and make sure you do have cyber-insurance coverage,” E-Commerce Times writer Peter Vogel explains. If cyber insurance is not included in your policy, determine your needs through consultation with your insurance provider, noting that most insurance companies do now offer cyber-protection plans.

As a matter of practical assessment, Vogel explains, your company should examine your insurance policy to ensure coverage in these critical areas:

  • Network and information security liability
  • Communications and media liability
  • Crisis management event expenses
  • Security breach remediation and notificationexpenses
  • Computer program and electronic data restoration expenses
  • Computer fraud
  • Funds transfer fraud
  • E-Commerce extortion

Further, your company should analyze its own unique needs, securing insurance coverage for other sensitive digital items like patient information and the like.

As important as it is for any business to insure themselves against loss, many still fail to recognize the need for protecting digital, not just physical, assets, and unfortunately cyber crime can be as, if not more, damaging than any other sort of disaster that might befall your company.

Previous post:

Next post: