1. I don’t do business online, so I don’t need cyber liability and data breach coverage.
The biggest threat is loss of information regarding your company’s finances; or personal information of clients or employees, like social security numbers, payment information, dates of birth, etc.
This sensitive data could be accessed through the web, email, stolen or copied paper files and mobile devices.
Cyber liability insurance can cover expenses resulting from issuing notification letters, printing, postage, handling of notification, forensic analysis, proactive monitoring services, breach restoration, Cyber Business Income & Extra Expense (BI& EE), legal services and public relations.
2. The cost of a cyberattack isn’t high for a small company like mine.
If any of your computers are connected to the internet, you are subject to a cyberattack and data breach.
The internet gives hackers access to your system, where they can obtain personal information about your clients and employees, and financial information about your businesses. Hacks can go weeks, months or even years without being detected.
Once there has been a breach, there are notification laws and requirements you must abide by to notify any possibly affected parties. According to reports from IBM and the Ponemon Institute, cost per record of a data breach reached $154 in 2015, up from $145 in 2014. According to the Ponemon Institute 2015 report, data breaches cost U.S. companies on average $6.5 million per breach.
3. I’m not a target for an internet hacker because my company is small.
A 2015 Verizon study shows that more than 70% of small businesses with fewer than 100 employees were the target of cyberattacks. Hackers may think that a small business lacks the resources or security against an attack, compared to larger organizations.
4. I’m covered under my BOP insurance policy.
Most business owner policies (BOPs) have specific exclusions for cyber liability or data breach.
Both coverages must be added by endorsement to your current policy, or written on a separate policy altogether. Typically, insurance companies write limits up to $100,000 on a BOP. For higher limits, you need a separate policy.
5. I don’t need coverage because my network security system is foolproof.
According to Fire Eye & Mandiant, 96% of attackers bypass multiple layers of security to get the desired information.
Computer hackers are not your only threat. Studies have shown that nearly half of cyber-liability and data-coverage claims come stem from misconduct of employees or executive officers of the business.
Claims can also arise from staff mistakes, malware/virus, system glitches and theft of hardware—and don’t forget about lost or stolen laptops, other mobile devices, and paper records.
While there is no sure way to prevent a breach, you can take preventive measure like installing a firewall and security software, encrypting data, using a virtual private network, and putting a data-breach action plan into place.