Any business that uses computer technology today has to deal with cyber risk. Ransomware attacks are on the rise, and small and medium businesses are being targeted more than ever. With the shift to more people working from home in 2020, cybercriminals are taking advantage of the opportunity to exploit remote workers.
Cyber insurance may be essential for a business of any size. The following checklist can help savvy business owners secure the right coverage for protection against cyber-attacks.
Decide Whether Your Business Needs Cyber Insurance
It is likely you need cyber insurance coverage if your business:
- Handles sensitive information: This can include a lot more than health information, Social Security numbers, bank accounts, etc. Even the most seemingly harmless information can be used by cyber attackers.
- Has staff who use their own devices: Cell phones, laptops, and other electronic devices can be lost or stolen. If this occurs, it can give criminals access to important company information, including confidential data.
- Hosts a public website: If your website interacts with clients or customers and stores their login data, you are vulnerable to cyber theft.
- Uses a third-party vendor: If your company has a third-party vendor supplying goods you sell, providing an online shopping facility, or managing your database, you may be vulnerable to cybercrime. You don’t control the level of security provided by a third party.
- Relies heavily on confidentiality (for example, a dating website).
- Gather information that, if lost, could result in embarrassment, invasion of privacy, or bullying.
Determine What to Look For in a Cyber Insurance Policy
Consider how much cyber insurance you need and how much your business can afford. Evaluate your risks and the types of coverage you need. Decide whether unintentional error should be covered, as well as intentional attack. Determine what your policy can exclude, what data should be covered, and where it is stored. Find out what insurance providers offer, such as legal costs, first responder services, or business interruption coverage.
Custom-Tailor Your Cyber Insurance Policy Outline
This outline should include:
- The level of risk your business is facing
- The type of policy (package or standalone) that works best for you
- Whether coverage includes third parties
- Types of coverage (network security, privacy liability, media liability)
- Amount of coverage your business needs
Ask Questions of Potential Providers
With your policy outline in hand, get insurers to answer important questions about the cyber insurance coverage they provide. For example, you should ask about:
- Policy exclusions
- Deductible amounts
- Response time after a data breach
- Timeframes for coverage
- Geographical coverage area (is coverage limited to within U.S. borders?)
- Types of covered incidents (do they include unintentional or non-malicious attacks?)
- How coverage and policy limits apply to first (policyholder) and third parties
- Premium increases after claims are made
- Auditing or compliance obligations
- How provider handles cyber threats
Finding the right cyber insurance coverage for your business can be a complicated process. Our knowledgeable agent is happy to help.