Breaking Down Cyber Insurance Policies

Car and home insurance are familiar concepts. Most people recognize the value of insuring their physical property — but what about their data? Over the past 20 years, thanks to the evolution of technology and cyber threats, cyber insurance policies have grown in popularity from small to global businesses. Any company that stores, transmits, collects, or uses private consumer, customer, or patient information should be aware of the options when it comes to protecting itself in the event of a data breach.

Three important types of cyber insurance are:

Errors and omissions
Professional liability insurance that covers claims against the performance of services, such as negligence or inadequate work.

Network security
Covers data breaches and destruction, virus transmission, and cyber extortion due to inadequate network security.

Covers breaches of physical records, such as misplaced documents, lost hardware, and even mistakes involving sending confidential material to the wrong email address.

Before committing to an insurance company, create a cyber risk profile for the organization, including a list of expenses that will ideally be covered in the event of an attack or data breach. Ask these questions when considering a cyber insurance provider:

  1. Does the insurance company offer standalone insurance or only extensions to existing policies? Are the policies customizable?
  2. What deductible makes sense for your organization, and which insurance company provides the best offer?
  3. Does the policy include social engineering and network attacks?
  4. Does the policy cover non-malicious actions by internal staff?
  5. Does the policy cover third-party service providers?

Remember that general liability insurance only covers physical property damage, not cyber damage. With attacks against all types of businesses increasing every year (and some experts reporting that 50% of small businesses suffer repeat attacks), it truly is better to be safe than sorry.