Most general liability insurance policies do not cover cyber, and if they do, it’s usually on a very limited basis. Hacking, identity theft, credit card fraud, and phone phishing are all crimes that traditional insurance policies do not address.
Any business that stores “personally identifiable information,” including employee birthdates, social security numbers, or client information, is legally obligated to protect and secure that information. If your business requires you to store this type of client information, you are required to have it protected!
When a cyberattack occurs, many businesses must interrupt their operations. Cyber insurance helps to recover lost income from downtime. On average, cyberattacks cost businesses about $200,000.1 Not all businesses can recover from these types of losses.
Small and midsize businesses tend to be most vulnerable, as they often don’t have the infrastructure and capital to recover from a breach effectively. About 43% of online attacks target small businesses, and about 60% of businesses go out of business within six months of the attack.2
Even if you outsource network security, data management, and payment transactions, as the original data owner, you will likely be named in third-party lawsuits in the event of a breach. Cyber policies offer third-party coverage that insures for the liability of the policyholder to third parties, including clients, arising from a data breach or cyberattack.
1, 2 CNBC.com
3 IBM
4 Ponemon Institute
5 Symantec
6, 7 Intel Security and the Center for Strategic and International Studies