How much will a data breach cost your business?
It’s not pretty: The average total cost of a data breach in 2020 was USD $3.86 million. The most expensive country was the United States, averaging a total cost of $8.64 million.
Data breaches are clearly something you must protect your business against. But what if one happens anyway? How do you recover financially from such a devastating incident? And who pays all the bills?
One way to protect your organization is cyber insurance.
What Is Cyber Insurance?
The formal terms for cyber insurance include “Data Breach Management” and “Business Interruption Insurance and Liability Coverage.”
Sometimes cyber insurance is also called “Tech E&O” (errors and omissions), and “Social Engineering Crime Coverage.”
Cyber insurance coverage encompasses a number of things, including first-party coverage, where the policy holder suffers a loss of revenue as a result of a data breach or a hack.
Then there's third-party coverage, which covers liability associated with a data breach that the policy holder may be responsible for.
Cyber insurance covers many issues related to data beyond just data breaches. Some policies also cover losses incurred from phishing attacks, data destruction, extortion, online theft, and denial of service attacks (deliberate and accidental).
Businesses that Need Cyber Insurance
All organizations need cyber insurance these days, but some industries need it more than others because they’re exposed to greater cyber risk and liability.
The companies that should be particularly interested in purchasing cyber insurance are the ones responsible for collecting and storing personal financial records and personal health records (such as credit card data, patient files, doctor information).
To put it bluntly, if your business handles sensitive personal information, you need to prioritize cyber insurance.
Industries that are highly regulated by state, federal and international agencies also require cyber insurance. These industries include hospitality, retail, health care, entertainment, technology and government contractors.
Think of cyber insurance as a supplement to your general liability insurance. Even small businesses carry business insurance to protect themselves from the costs of property damage or natural disasters.
Cyber insurance costs protect you from the devastating effects of security breaches and digital disasters!
The Losses Add Up Quickly
If hackers bypass your network security and get control of your computer systems and sensitive personal records, you are responsible for the breach. And you are subject to some significant costs.
- First, you have the cost of making sure that the records that have been breached are protected.
- You also incur expenses for investigating the cause and extent of the data breach. You’re going to need consultants poring over exactly what happened, where it happened, and how to fix it moving forward—and that process typically involves plenty of unforeseen expenses.
- Then you have the cost of ransomware. If hackers penetrate your networks (usually through email), lock access to your data, and demand a ransom to get that access back, you face the cost of paying that ransom.
- Add to the mix the legal expenses you incur making sure you meet regulatory compliance standards of your state or nation.
- Finally, you face the cost of informing the holders of those records that were compromised, and the cost of monitoring their credit score through identity and credit searches for a period of at least one year.
This is why you need cyber insurance—to pay for the many and varied and hefty expenses that result from experiencing a data breach.
How Managed IT Services Companies Can Help
If your company outsources any part of your IT (to a Managed IT Services Provider, for example), you must ensure that the service contracts and agreements you have with those suppliers clearly spell out who is responsible in the event of a data breach.
Is your company responsible? Is the vendor responsible? Check to be sure.
If you use a Managed Security Service Provider, book time to review your service agreements to ensure that you are protected as far as liability insurance is concerned.
And while you are meeting, also check how thoroughly your organization is using multi-factor authentication (MFA). Multi-factor authentication is now a prerequisite for reasonable limits and pricing from most cyber security insurance underwriters.
If you need to upgrade your level of insurance coverage, or if you are going to market to find a company to insure you, you must have a robust MFA protocol already in place. Your Managed IT Services company will help you implement this.
Cyber Liability Insurance Is a Must in Today’s Landscape
If the idea of cyber liability insurance feels like overkill, think again. The landscape has changed and any organization with sensitive data—from a self-employed bookkeeper to the largest enterprise SaaS—is at significant risk.
Mitigating this risk is going to require organizations to be much more realistic and strategic about their risk management. The best-protected companies will be those with open communication between IT and management, where the expertise of IT teams and their partners drives the organization’s cybersecurity posture and the protections that are in place as a result.
If your team requires extra support to protect your organization from cyber threats, check out our Managed Security Services.