Cyber Insurance Is Cheap
With the steady increase in Cyber attacks on small businesses, it is timely to provide a little bit of insight into some common Cyber and insurance myths.
As you would protect your business against fire or theft it is ever-more important to protect your business from a Cyber loss.
The cheaper covers in the market are generally limited to Cyber-Hacks, or limited to attacks on your Website.
Therefore the policy excludes the most common risk – accidental physical loss of data. The policy should pay for losses to your clients and reimbursement of some costs you incur.
Myth 1 – only the bigger businesses need to protect their data
Who said that Cyber-Losses only happen to larger corporations? Typically a smaller businesses is more vulnerable (and less prepared for a loss of data) and the opportunity for an attacker to succeed is higher. Just under half of all Cyber attacks are aimed towards small businesses.
Myth 2 – my cloud provider holds all my data so my data is safe
No matter where your data is held, it is your responsibility to look after it. If your system is hacked is not the fault of the cloud provider. There is a slim chance your cloud provider could be hacked and you (would expect) that they have insurance and procedures in place to recover your data and compensate you for your loss.
If Uber and the Australian Bureau of Statistics are able to be hacked (remember the embarrassing Census website hacking) then there’s a good chance your system is not fool-proof. Hackers may not be able to decipher your encrypted data file although they will hold your data for ‘ransom’.
Myth 3 – I encrypt all my data offline so my data is safe
Hackers may not be able to decipher your encrypted data file although they will hold your data for ‘ransom’. The main targets are businesses that hold personal data, such as Conveyancers, Day-cares, Real Estate, Finance Brokers and all health/medical related services.
Myth 4 – Cyber Insurance is expensive
Cyber Insurance is a re-active product that will assist you when you have a Cyber Event. Your insurance broker will help you choose a level of cover that is suited to your needs and budget. Like most things, you get what you pay for. The cost of Cyber Insurance can start from a few hundred dollars. These cheaper policies are normally ‘bolt-ons’ to another policy such as a Liability policy or a Professional Indemnity policy. They are a very good introduction into Cyber Insurance although they provide a limited amount of cover.
What do I need to ask my Broker about Cyber Insurance?
Ask your Broker for a variety of options:
The cheaper covers in the market are generally limited to Cyber-Hacks, or limited to attacks on your Website. Therefore the policy excludes the most common risk – accidental physical loss of data. The policy should pay for losses to your clients and reimbursement of some costs you incur.
Middle of the range cover will incorporate a wider range of data loss (including accidental physical loss of data). You will be able to choose the level of cover and other risks such as phone phreaking or phishing attacks.
It is important to check if the policy includes cover for:
- Investigation costs
- Fines & Penalties
- Claim Defence Costs
- Loss of your own ability to earn an income
- What Jurisdiction the policy operates in
Top quality cover will provide all of the above with additional benefits:
- Access to a Cyber response team that you can contact 24/7
- A response team who will do the investigation and ransom negotiation for you
- Assistance with notifying your clients. Take into the cost of a ‘team’ who can respond to phone calls and customer concerns that may be ongoing for some months.
- Assistance in determining if it is a data breach & notifying the OAIC
- Flexibility with higher limits and less restrictions
- Ability to include cover for Cyber Terrorism
There are a variety of experts who are available to assist businesses both in the Preventative stage and Response stage.