Remembering Shay Litvak Our Co-Founder and CTO

November 1979 - September 2023

Cyber Insurance Explained

Cyber InsuranceCyber Insurance
min read
August 21, 2023

It’s no exaggeration to say that we live in a cyber world.

Everything from paying our bills to driving a car involves computers and information technology—and that probably includes your business.

Even small businesses today use computers, which means they could face one or more cyber attacks. To protect themselves, many invest in cyber insurance. If you’re thinking about doing so for your business, or even if you already have cyber coverage, read on to learn more about the intricate world of cybersecurity.

What is the Meaning of Cyber Insurance?

Cyber insurance protects your business from data breaches, ransomware attacks, phishing and other security issues with your technology.

In case you're not too familiar with these terms, here's a quick primer:

Cyber insurance, also called cyber liability insurance, is similar to most types of insurance in that it usually has a deductible that you pay before the coverage kicks in, as well as a maximum amount of coverage. It often includes general liability protection, as well as specific coverage for the needs of your database and network.

What Does Cyber Insurance Cover?

First-Party Coverage

According to the Federal Trade Commision (FTC), there are two types of general coverage options offered by most cyber insurance policies: first-party and third-party. First-party coverage protects your business from direct costs related to a cyber security breach. Although each policy is unique and reflects the needs of a particular company, first-party coverage could include any of these elements:

Third-Party Coverage

Your cyber insurance coverage may also include third-party insurance, which covers legal costs and more that might occur if a third party is involved. It’s often used by businesses that provide services to other businesses. For example, if your client is attacked because a hacker found information that you stored on the client’s business, third party coverage kicks in if that client files a lawsuit against your company. It may include the following:

Preventative Services

In addition to supplying coverage, many insurance providers who offer cyber insurance also provide preventative assistance to help you become better able to deal with cyber risks.

Risk management services can help you become more prepared in the event of a cyber event, and may include training for your employees so they can identify suspicious activity and understand what to do if, for example, they receive a phishing email. The services may help you develop risk reduction and incident response plans, and comply with federal, state, and industry authorities.

A good insurer will have professionals on staff who are skilled at handling cyber events, and it pays to question them well before a cyber event occurs. Your policy may not specifically speak to before-breach help, but as a service to policyholders, many insurers do offer materials and/or training to clients. 

Having experts available to help you deal with cyber breaches has another benefit. You’re less likely to face liability cases or regulatory fines if you can show that you’ve done due diligence in training and equipping your staff to deal with breaches. By having the appropriate software and hardware to make it difficult for someone to hack into your system, you show that you’ve done everything possible to protect yourself and your technology.

If you are a small business that doesn’t have the in-house bandwidth to hire cybersecurity experts on your own, you should ask questions and be aware of the pre-breach services offered by your cyber insurance company when you request an insurance quote.

Real Life Examples of Cybercrimes 

According to the National Association of Insurance Commissioners, small business losses following a cyber breach average $38,000—a figure that becomes more startling when you know that 60 percent of small businesses that suffer a cybersecurity breach are forced to close within six months of the incident.

So how can cybersecurity insurance help you and your business? To answer that question, let’s look at some examples of cybercrime that were compiled by Travelers Insurance:

All three of these vignettes could happen to businesses both large and small. The financial losses they faced were mitigated by the fact that they had cyber insurance, which paid for a good portion of the remediation and repair efforts.

What Is Not Covered Under Cyber Insurance?

What’s covered by your cyber insurance is specific to your own business. When you work with an agent, they will craft a policy that meets your needs, without adding in anything extra or making omissions that hurt your business.

Having said that, there are some typical exclusions that aren’t featured in most cyber insurance policies. Your service provider may not cover the following, unless you have a specific rider to include it:

Is Cyber Insurance Necessary?

Cyber coverage isn’t required by law in any state in the U.S., so is it really necessary? After all, business owners have their hands full paying for their regular liability, property damage, and other forms of insurance—they don’t need something else they have to write a check for.

But cybercrime is on the rise and skyrocketed during the pandemic. It’s becoming something that more and more business owners must deal with, as cyber criminals and hackers have digital tools at that allow them to infiltrate even the most secure of networks. Exploiting network vulnerabilities and breaking network security is easy for them in many cases.

And of course there are few companies that aren’t vulnerable. In fact, small and medium-sized companies make an excellent target for hackers, since they may have cyber exposures that larger corporations have protected themselves against.

If your business accepts payments online or processes credit card payments, stores any personal information (even if it’s just on an Excel spreadsheet), handles documents online, or even just uses a VOIP phone system, you are at risk of cyber threats.

Where Do I Get Cyber Insurance?

Not all insurers sell cyber policies, but a good strategy is to ask your broker how to get cyber insurance. Most likely, they’ll first check with the company that holds your business insurance policy

More insurers are offering cyber insurance as the insurance market expands to meet the needs of a changing and increasingly technological world. A good policy will cover everything from your employees’ PCs to your social media presence as a whole. It will protect the customer information you store and the other technology you rely on to do business.

If your own trusted insurer does not offer cyber insurance, your insurance broker may be able to recommend a place to turn to for reliable coverage. See if your broker can recommend coverage that can be customized to the needs of your business. A skilled broker will know your business and your industry well enough to understand the particular needs you might have for cyber insurance at a price that works for your bottom line.

As always, it’s a good idea to compare quotes from several companies before making a decision. With written estimates in hand, look at the coverage options that each insurer offers before determining the company that best fits your needs. 

How Much Does Cyber Insurance Cost?

There are a number of factors that impact cyber insurance coverage costs. Your business’s size matters, as does the size of your network and complexity of your technology. 

The strength of your existing security measures is factored in, as well as the amount you choose as a deductible and the maximum amount of your coverage. Your cost, in the end, will be unique and specific to your own individual policy.

Having said that, a 2021 study found that the average cost of cyber insurance in the U.S. was $1,485 a year or $124 a month. The same study found that the average cost of responding to a security breach was more than $35,000 for small businesses, while mid-size businesses could expect to pay an average of $86,000.

Get Cyber Insurance to Protect Your Business

If you haven’t looked into cyber insurance yet, you may be placing your business at risk of a technology crash that could cost you thousands of dollars. 

As the nascent cyber insurance industry ramps up, offering more coverage options each year, it’s the perfect time to explore a policy of your own. 

Talk to your insurance broker to make sure you have the cyber coverage you need.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.