Updated February 2019
Living in a digital era has countless benefits for businesses, but it also introduces new cyber security risks. Since your company stores and sends information over the internet it could be accessed in a number of creative ways. Whether the access point is disguised viruses, rogue WiFi spots, or even vulnerable wireless peripherals such as mice and keyboards, it presents the same risks for your business. Firewalls and defensive software can help, but it’s essential that you have a back-up plan in case these fail.
After all, the cost of cyber breaches is quite high, potentially leaving you to cover expenses such as computer or software replacement costs, the cost of repairing your company’s reputation, or even paying for damages if a client brings a claim against you. As a result, it’s vital your business has a comprehensive cyber insurance policy in place. To ensure your business remains protected from these numerous cyber risks, we’ve shared ten things to consider when selecting cyber security insurance.
1. How much business interruption cover is provided?
If your business relies on computers or the internet to complete its work, any technical trouble can mean a huge loss of income. Getting your servers back online or finding replacement hardware can take time, which is why including business interruption cover in your cyber insurance policy is essential. Just make sure the cover is adequate to keep your company running until the issue is addressed.
2. Does your cyber insurance cover mobile devices?
Recent studies have shown mobile devices are the biggest point of weakness for companies’ cyber security. At the very least, many workers will use their phones to check their emails outside of the office. Since their devices don’t have the security software your work network does, this leaves them wide open to cyber-crime, especially considering most of us will connect our phones to any free WiFi we find. We rarely stop to question the security of the connection.
3. Reputation & response cover
In the business world, a good reputation is key to success. However, this can be easily lost if clients or competitors publicly cast doubts on your cyber security. Thus, it’s important to act quickly to quash rumours and replace them with the truth. Including reputation cover in your cyber insurance coverage ensures that you can afford to take quick legal action to silence any unfounded claims.
4. Are you protected against any loss of data?
Most cyber risk insurance policies will provide cover for data theft by hackers, but this isn’t the only way information can be lost. It’s far more likely that data will be lost if servers crash, hard drives are lost, or an employee accidentally deletes the wrong files. This makes it important to ensure cover is extended for all data loss – not just loss caused by criminal behaviour.
5. Are security measures required?
Some cyber insurance companies require businesses to take security measures before providing cover. This can include firewalls, password protection, and defensive software, among other protection. If this is stated in your contract, you must keep the security measures up to date, or you risk invalidating your insurance. If you need to update your firewalls, be sure to notify your insurance company while you do so. If any mishaps occur while they’re down, cover is only extended at the discretion of the cyber insurance providers if you haven’t advised them in advance.
6. Is cover included for your contractors’ mistakes?
Do you outsource any of your IT services or software design? If you contract a third-party company to take on any digital work for you, you need to make sure you’re insured if anything goes wrong. This can be a common blind spot in cyber insurance policies, so it’s important to discuss the cover options with your insurance provider.
7. Is damage caused by viruses covered?
Virus protection is essential for businesses. All it takes is one mistakenly-clicked link for a computer to be infected, and from there your servers can be contaminated with malware. It may seem obvious that cyber liability insurance would cover the cost of repairing this, but you may be surprised. Since many viruses must be invited on to your computer, some policies will not extend cover for viruses.
8. Can the amount of cover be customized?
Since every business is different, a one size fits all policy rarely works for anyone. A company with a small client base isn’t going to need as much cover as a large international firm, and so the amount they pay for their insurance cover should be adjusted to reflect this. Fortunately, specialist cyber insurance providers are available to help you decide what exactly should be included in your policy.
9. How long do you have to disclose a breach?
Every cyber insurance provider will have different conditions regarding how long after an incident you can make a claim. Usually, they require you to notify them immediately if you are aware of circumstances that may lead to a security breach, or to one of your clients taking legal action against you. It’s important to discuss this with your insurance company, as mistaking the timeline can leave you without cover at a time when you need it most.
10. Are you covered for regulatory defense and fines?
If there’s a regulatory investigation following a data breach, it can prove quite costly for your company. Not only are there defense fees to be paid, but there may also be regulatory fines, depending on the results of the review. While coverage for regulatory investigations is typical in most cyber risk liability insurance, it’s important to discuss the extent of coverage with your provider.
Want to find out more about choosing comprehensive cyber insurance?
To find out more about how cyber liability insurance will protect your business, contact our expert team of underwriters today. We’d be happy to discuss how cyber insurance can be customized for your company’s requirements.
Other useful cyber insurance news items: