Cyber Security Insurance - Why You Need it in 2019
By: James Azar
Businesses are finally catching on to cloud technology and pretty much every business that you have ever known about, has gone online. Your local plumber now uses a local server, and sends you an invoice in an encrypted email…and yes, you can pay with bitcoin.
Maybe that’s going a little bit too far.
Perhaps not everyone is as advanced in terms of their cybersecurity as the cybersecurity startups that we follow, but they should be, right? Or better yet, if they can’t be on top of their cyber game, they should at least protect their assets.
That’s where cybersecurity insurance comes in. If you can’t beat them, join them.
Hackers are already light years ahead of most small to medium businesses and they can take down their infrastructure in nanoseconds if they target them correctly. These cyber hackers have been going after the big fish so far but many experts predict that they will start targeting smaller companies soon so in a world where we have to prepare for as many scenarios as we can, there is a flourishing market for insurance – increasingly in the world of cyber security.
You wouldn’t drive a car without insurance, right? Same goes for your data.
A cyber insurance policy is designed to help a company mitigate their risk exposure by offsetting the costs involved in data recovery in an event of a cybersecurity breach. It’s really easy for a company asset to be hacked, think about it! So many employees log in to company online tools and platforms using their social media.
Companies are already seeing the value of cybersecurity insurance. According to PwC, about one-third of US companies currently have coverage and the total value of premiums is going to reach $7.5 billion by 2020.
What does standard cyber insurance cover? Here are the basics.
Forensic investigation - whenever a cyber breach occurs a third-party security firm has to do a full forensic investigation which sometimes requires them to coordinate with local law enforcement. Depending on the severity of the breach, this whole process could take weeks if not months and could cost a lot of money.
Business losses - Often a company loses some of their assets or sensitive information to a hacker’s luck. Sometimes the company needs to compensate its customers for the breach. All of this can get pretty expensive to do.
Notifying customers - Notifying customers sounds like a one-time deal but often if customer data was stolen the company needs to monitor their accounts for a long time in order to mitigate costs. When Equifax was hacked, they actually offered to freeze customers’ accounts for a short time. They actually offered this as a paid service which seems like an oxymoron since they themselves were breached… but they offered it nevertheless.
Extortion and lawsuits - a company might accrue legal expenses as it tries to pursue the hackers. Also, the company might fall victim to cyber extortion and will choose to pay up in order to get its data back.
Normal insurance policies, especially for smaller companies fail to cover the far-reaching costs of cyber security incidents which are both short term recoup plans and long-term vulnerabilities. In large companies, such as Equifax, the long-term public relations fallout is obvious, in smaller companies less so, but in cyber insurance – its all been analyzed.
If you are currently lacking cyber-insurance coverage, it’s time you started shopping for different options.