The internet has opened doors to new opportunities for businesses around the world. A few clicks are all it takes for businesses to reach out to their target audience. There is, however, a dark side of the internet that every business should be aware of. With cyber criminals lurking in every dark corner, the internet can sometimes be a very scary place. Cases of businesses losing almost everything due to cyber attacks aren’t unheard of. To help cover losses due to cyber attacks, many insurers now offer cyber insurance.
Cyber insurance: An introduction
Cyber insurance policies are insurance products designed to protect insured people and businesses against the threats posed by internet-based risks and cybersecurity issues that are related to IT infrastructure and activities. Cyber insurance policies cover losses that arise due to data theft, data extortion and data destruction.
Insurers also compensate their clients for losses caused to other companies due to errors and omissions and lack of proper measures to safeguard data. A cyber insurance policy may also cover investigation expenses and costs related to post-incident public relations. Most cyber insurance policies, however, do not cover losses caused due to a dent in the business’ reputation.
Any business that has a digital footprint and uses computer systems and the internet, our highly recommended IT Support engineers in London must consider cyber insurance a must. If you have a website, store sensitive customer and employee-related data, or have entered a payment card industry merchant services agreement, talk to an insurer immediately to select the best policy that is aligned with your business needs.
Some good-to-know things about cyber insurance
Types of cyber insurance
Depending on the nature of coverage, cyber insurance policies can be broadly categorised into two types. While the first policy type covers losses suffered by the insured due to a cyber attack, the second type compensates third parties such as the business’ clients and government for the losses that they suffer due to the security breach.
Better security = lower premium
When deciding the premium, one of the most important factors that insurers consider is the effectiveness of the security measures employed by the client. A company that has an effective security system and disaster response mechanism in place is less likely to be targeted by cyber-criminals. Insurers often offer discounted premiums to such businesses. Lately, many insurers have started demanding that their clients meet the minimum required security practices.
A typical cyber insurance policy has numerous exclusions. Some policies, for instance, may not compensate for the loss of encrypted data, expenses related to breach notification and data restoration services. To avoid nasty surprises, it is advisable that you and those at the helm of your IT support team in London go through the contract thoroughly before signing on the dotted line.
Premiums are negotiable
Cyber insurance is still an immature market. Though the market’s immaturity results in price fluctuations, all’s not lost for businesses. Cybersecurity insurers are more open to negotiations than those who deal in other types of insurance products. To increase their chances of securing a better deal, businesses must take steps to assure their insurer that they won’t lose out by betting on them.
Many companies now require that their vendors carry cyber insurance
As an aftermath of the Target data breach of 2013, in which cyber-criminals first targeted the retailer’s air conditioning contractor to execute the attack, more companies are demanding that their vendors opt for cyber insurance. Some companies adopt a non-negotiable approach in this regard and won’t sign the service level agreement until the vendor gets appropriate cyber insurance coverage.
Things to do when choosing a cyber insurance policy
- Study every clause and sub-clause carefully. Determine whether the policy is customisable.
- Enquire about deductibles.
- Ensure that the policy covers social engineering attacks.
- Enquire whether the policy covers only targeted attacks.