What is Cyber Insurance and Why Do You Need It?
Cyber insurance is a dedicated business insurance package to protect against cybercrime and, potentially, IT system failures. It is recommended to business owners who have large and complex computer networks or who hold lots of sensitive data or deal with customer payment details.
The insurance covers a multitude of nightmare scenarios, including computer systems breaking down, which halts trading, a cyberattack, or theft of data. It provides businesses with expert help and advice, both on the legal side and the IT side, as well as covering what could be expensive payments to affected customers.
Cyber liability insurance can also provide practical solutions outside of the business, such as a public relations campaign to improve reputation or even setting up a call centre to deal with customer complaints.
Security breaches are costing small businesses £65,000 – £115,000 and large businesses £600,000 – £1.15million in worst cases, according to a report from PwC. And with businesses using computers and the internet more than ever, increasing numbers are looking at specific protection in the form of cyber insurance.
The UK Government estimates nearly half (46%) of all businesses have been victim to a cyberattack. And it is not just large corporations, with 68% of medium-sized businesses saying they had fallen victim to a cybersecurity threat, as well as 75% of large businesses.
Shockingly, nearly a third (32%) of those who said they had identified a security breach or attack said they were experiencing issues at least once a week. These chilling statistics are why this specialised insurance is giving organisations a much-needed safety net.
Who needs cyber liability insurance?
While it is not a legal requirement to have cyber insurance, any business that deals with a lot of private data, especially payment details, is wise to have the cover. Businesses are also at risk if they have many computers linked to an internal private network.
Despite the average cybersecurity breach costing £22,700 for large businesses and £3,650 for small traders, most businesses are still not insuring themselves against cyber risks. In fact, just under a third of businesses (32%) are covered against cyber risk, according to the UK Government’s Cyber Security Breaches Survey 2020.
Many business owners who do have bespoke cyber insurance report benefiting from expert legal advice and access to IT specialists after an attack and receiving general advice on their cybersecurity. And many large businesses use their cyber insurance as a sort of unofficial accreditation to show their reputation is one to be trusted.
How much does cyber liability insurance cost?
Cyber insurance costs about £240 a year for a small to medium-sized business looking for a good policy. It can be as little as £132 a year (£11 a month) for a very basic package for a small business. Larger businesses will pay more depending on their size and type of business activity.
As with every policy, the cost of cyber liability insurance depends on a range of factors, including the business’s size and the risk factors involved in its line of work. And remember, not all policies offer the same protection, so make sure it is covering what you require, whether that be data loss, business interruption, IT system failure, hacking, ransomware or theft.
Is cyber liability insurance worth it?
Cyber insurance is worth investing in if a business deals with a lot of payment information or private data or relies on computers and computer systems.
Business owners who have specific cyber insurance are generally more likely to reap the benefits of the protection than those who have cyber cover bolted on to general business insurance. They cite legal support as the number one benefit to their cover, according to the UK Government’s 2020 survey.
Other most mentioned benefits are the fact that cyber insurance protects against lost earnings or profits if a computer glitch is to blame and lost data and general help and advice to respond to a security breach. However, some other types of insurance will have an element of cyber protection built-in as well, so it is worth checking what you are already covered for.
While business interruption is one of the core elements of cyber insurance, there is already business interruption insurance available which could offer protection if a computer system failure disrupted trade. It is worth checking the small print of standalone business interruption insurance to check it is protecting against the cyber element of loss of trade.
Meanwhile, some may find their contents insurance already covers their computer systems comprehensively enough that they do not feel cyber insurance is right for them. It is worth taking into consideration the size of the business and how much it relies on IT systems and storing data securely when deciding whether cyber insurance is worth it or not.