Strengths. Weaknesses. Opportunities. Threats. As you plan for 2018, you may be conducting a formal or informal SWOT analysis for your business. When you get to the “Threat” category, make sure to add cyber risk to your list.
Ransomware attacks are on the rise, and new data breaches make the news nearly every week. For businesses of all sizes, the question is not IF but, rather, WHEN the cyberattack will hit. Avoiding the internet isn’t an option, so you must proactively manage cyber security. For many, this includes an investment in cyber liability insurance.
When a computer or entire computer system is infected with ransomware, the files are encrypted, and the hacker demands a ransom in exchange for the return of the files. According to the FBI, ransomware attacks have become both more common and more sophisticated in recent years.
Data breaches, like the ones affecting Equifax, are another serious threat. Other risks include viruses other than ransomware and denial of service attacks.
When a cyberattack occurs, companies can suffer in many ways, including business interruption and the loss of customer trust. Businesses may also incur direct costs when they must replace hardware, pay fines, notify affected customers or pay for credit monitoring for customers whose personal information has been exposed.
The Rise of Cyber Insurance
Cyber insurance is a relatively new product that protects against modern risks. Since its origin a couple of decades ago, and as the rate of cyberattacks has increased, more and more companies have adopted it as an essential part of their cyber security plan.
Just as with other types of insurance, cyber liability insurance does not prevent incidents from occurring. To do that, companies must take essential security measures, which should include installing anti-virus programs, updating software as soon as updates and security patches are made available and training all employees on basic cyber security. Even with these safeguards, however, a cyberattack is possible, as cybercriminals are always changing their tactics to exploit new vulnerabilities. This is where cyber coverage comes into the picture.
What Cyber Insurance Does
After a cyberattack occurs, the typical cyber insurance policy can cover numerous associated costs, including:
- Investigating the extent of the attack
- Recovering data and repairing computer systems
- Notifying customers of a breach
- Credit monitoring for impacted customers
- Business interruption
- Legal fees and expenses
Cyber coverage can also protect companies from other online threats, such as violation of obscenity laws and the infringement of intellectual property.
Who Needs Cyber Insurance
Businesses should not assume that their general liability insurance policy will provide coverage should a cyberattack occur. Insurance products that are not designed for cyber risks, including general liability insurance policies, may exclude coverage for cyberattacks.
Although organizations within the financial service and health care industries are especially vulnerable to cyberattacks, any company that relies on computers and the internet to conduct business or to store employee or customer data can benefit from the protection. This includes companies of all sizes; cybercriminals do attack small businesses, and the consequences can be especially devastating for companies with fewer resources.