What is cyber insurance and should you buy it?

The digital era has created more opportunities for cyber-criminals, especially as more business is undertaken online. Cybercriminals are only getting smarter, and businesses are needing to take more steps and precautions to make sure they can keep customer’s data safe. 

Cyber insurance won’t shield a company from cyber attacks or from being exposed to cyber risks, but it can mitigate the damages caused by a cybersecurity incident. 

What is cyber insurance and do you need it? 

Cyber insurance (also referred to as cyber risk or cyber liability insurance) is a form of cover designed to protect your business from threats in the digital age, such as data breaches or malicious cyber hacks on work computer systems.

A business is responsible for its own cybersecurity, but in the event of a cyber attack having the right insurance will mean you aren’t alone. Cyber liability cover will provide crucial support to help your business stay afloat.

So why buy it? In the event of an incident, a Cyber liability policy will provide you with the critical first response of IT forensics, legal, Crisis management, and support required to investigate, control, mitigate and remove threats. A Cyber Liability policy will also help you to adhere to the requirements of GDPR within the time frame required – which can assist with the ICO’s decision in line with fines and your general reputation to clients and vendors.

What are the impacts of a cyber attack? 

There is a range of impacts a cyber-attack can have on your business:

• Loss of reputation: Increased public and media awareness around the importance of personal data means that customers are far more careful about who they can trust to look after their data. If a business suffers a breach the effect this has on their reputation can be damaging long-term not just by a loss of custom but also a loss of suppliers.
• Income losses: Breaches and cyber-attacks can lead to loss of revenue, incurring costs for business interruption, as well as the costs associated with loss of management’s time that is spent dealing with the issues following a breach.
• Wider business disruption: The impact of a cyber attack can be significant to how the business is run. It could stop parts of the business from continuing, meaning staff are unable to work and therefore leading to more financial losses.

What to look for when buying cyber insurance

There are many different factors to consider when buying a policy. Whether you go through a broker or buy direct from an insurance provider, cyber insurance is like any other coverage: there are plenty of hidden fees and conditions to be aware of before you lock yourself into a contract.

It's important to know when your coverage will trigger and when it won't, whether the plan suits your specific data risk and coverage needs, and what claims are excluded.

For businesses, in particular, it's important to do your research before hand and know what your company has in place. Does your company have a CISO? What security software and incident response systems do you have in place? What types of customer data are you collecting and how are you encrypting and protecting it? Cyber insurance premiums can get quite pricey, and will be even more expensive the more risk factors you have