Cyber crime is on the rise in the UK. If you own or carry customer data, even if its only an excel spreadsheet on a PC, you could face a claim should that data fall into the wrong hands. Get on cover with the right policy today.
What is cyber insurance?
Cyber insurance has been around for over a decade now. It’s designed to protect businesses not just from Internet based risks, but all risks pertaining to information technology infrastructure. Policies vary and can be tailored to your businesses particular needs, but broadly cover can be designed to include:
- Contribution to the cost of managing the incident itself. These costs can be significant, particularly if there are regulatory enforcement costs and if you factor in potential reputational damage to your business.
- Loss or damage to digital assets – for example any client data that you hold or software that you use as part of your business activity.
- The cost of informing your customers of the loss or damage. This can often be a regulatory requirement.
- The cost of cyber extortion, where someone threatens to damage data, software or release customer data if you don’t pay a ransom.
- The cost of business interruption due to network downtime.
- Theft of money through electronic theft.
In addition to the first party damage that a cyber security breach could bring to your business, a cyber insurance policy can protect you against the cost of a claim made against your business as the result of a cyber crime committed against you:
- Security and privacy breaches could see you liable for the costs of an investigation, defence costs and civil damages associated with them.
- Multi-media liability, to cover investigation, defence costs and civil damages arising from defamation, breach of privacy or negligence in publication in electronic or print media
- Loss of third party data, including payment of compensation to customers for denial of access, and failure of software or systems.
What sort of businesses need cyber insurance?
The high profile cases in the media typically involve large, blue chip businesses. For this reason alone, many SME business owners and managers may think that cyber insurance just isn’t a relevant consideration for them. In fact, it’s estimated that during 2016, 74% of UK SME’s suffered some form of security breach.
The defining consideration should be whether any part or individual within your business could be considered a ‘data controller’. If you store client records electronically, that could be enough to see a reasonable threat of your business suffering a cyber breach.