According to IBM and the Ponemon Institute’s 2020 “Cost of a Data Breach” report, the average total cost of cybersecurity breaches in the United States of America between August 2019 and April 2020 was $8,640,000. This astonishing figure looks at the hard dollar costs, in addition to:
Cybersecurity breaches are not new, but they are happening more frequently and becoming more costly for companies everywhere. The COVID-19 pandemic pushed many businesses to work with online platforms and leverage cloud data storage which, in turn, expanded these organizations’ attack surfaces, making them more vulnerable to ransomware attacks.
As a result, the desire to mitigate the risk of a data breach is spreading throughout the entire C-Suite, giving rise to a new kind of insurance: Cyber Liability Insurance.
What is cyber insurance? Cyber insurance, also known as cyber-liability insurance, is an insurance policy that helps protect organizations from the fallout of cyberattacks.
A cyber insurance plan includes more than just financial protection. It can also help to minimize business disruption amidst a cyber incident. Companies that are hit with a ransomware attack and have no insurance protection are often unable to recover - whether this is due to a lack of funds to recover, a soiled brand reputation, or information loss that is detrimental. By implementing cyber insurance into your arsenal, you are more likely to recover both financially and market-wise in case of an attack.
There are two categories of financial protection in cyber insurance, first-party and third-party:
First-party cyber liability insurance
Third-party cyber liability insurance
Virtually every business in 2021 relies on technology to generate revenue, process transactions, and/or store data. That said, whether or not your company needs to have cyber insurance is a complicated question to answer.
Companies that store any kind of sensitive data or personally identifiable information (PII) should already have an incident response plan in place. In these instances, the added layer of protection cyber insurance provides could mitigate significant financial risk, as the following line items can become quite costly in the event of a breach:
The process of obtaining cyber insurance is similar to any other insurance - The insurer wants to understand the risks your company may face and the precautions you are taking to avoid them.
An important step within this process is assessing your company/industry and its cyber risks. In order to understand and better prepare many insurance companies will measure your cyber risk during the appraisal process. Cowbell Cyber offers a cyber risk evaluation that gives insight into your attack surface and where you are most vulnerable; therefore, giving a better perception of the insurance your business will require.
When applying for insurance, they will need you to know and understand the health of your company's cyber hygiene, attack surface, and cybersecurity infrastructure.
When applying for cyber insurance, you will need to answer questions around:
Many business owners hear the term breach and assume that this deals solely with the finances of the company. However, what many don’t acknowledge is that without cyber insurance, companies that are breached face much more than financial discourse or a loss of money.
In a recent breach, the cellular provider T-Mobile was breached and lost thousands of customers’ sensitive information to hackers. They are now facing a class-action lawsuit due to a lack of proper cybersecurity that could cost them thousands on top of the breach.
In addition, many companies face challenges around rebuilding their brand for years after a breach, with some unable to ever fully recover:
Read more about the impacts of these ransomware attacks here
Cyber Insurance can recover your organization in a way that you would not be able to do alone and therefore should always be applied to any IR plan.
Cyber Insurance is not only able to support you financially by covering ransoms and replacing lost funds, but many cyber insurance plans are able to handle customer-facing situations as well. This includes letting customers know about the event and handling any legal battles that may arise from it.
When determining an insurer, it is important to make sure they are the best fit for your organization, taking into account:
The next step in acquiring insurance will be going over exclusions, policies, and the agreement plan if there is a breach. When given multiple quotes, take into consideration:
Find out more on choosing the Right Cyber Insurance Plan
Cyber liability insurance plans can be vital to an organization, and just like home insurance, they are plans meant to protect the things you cannot afford to lose. Cyber Insurance is a growing market as more and more businesses go online; therefore having a team at the ready for your legal, financial, and brand support could save your business after a breach.