While it may sound techy, cyber insurance covers risks that are relevant to businesses of all shapes and sizes. Whether you’re a software startup or selling clothes online, you’ll likely have personal data in your computer systems, which is both regulated and valuable to cyber criminals.
Not convinced it's for you?
In 2019, the Association of British Insurance (ABI) revealed that only 11% of businesses had a specialist cyber insurance policy in place, despite the fact that in 2018, over a million businesses were hit by major attacks, costing a combined £8.8 billion. These figures say it all: the protection cyber insurance offers is more important than many businesses realise.
You may be thinking, “I’ve never been hit by a cyber-attack”. But maybe you have been. According to a government-commissioned survey, almost 1 in 3 UK businesses identified a cyber attack in 2019. Note that this statistic only represents the businesses that actually identified a cyber-attack, so the real numbers are likely to be much higher.
Here are four key reasons why you might want to consider cyber insurance for your business:
To cover data protection breaches
If your business handles personally identifiable information, which is essentially any information that can be used to identify a specific person, you’re required to comply with the General Data Protection Regulation (GDPR). As important as this is, both accidental breach of privacy and malicious cyber-attacks put you at risk of huge unexpected expenditure. Violating GDPR could land you with a fine of up to €20 million, or up to 4% of your annual worldwide turnover for the preceding financial year, whichever is greater. And on top of this, there are legal and compensation payments to consider, for those whose data has been compromised.
Our insurance includes cover for those regulatory penalties insurable by law, your legal defence costs and compensation payments, which not all providers offer.
To cover business interruption
If an outage of your computer systems, or those of your suppliers (e.g. AWS) would put you in the red pretty quickly, cyber insurance is certainly something to consider. And with almost 1 in 4 SMEs suggesting that they’d go out of business in less than a month if unable to trade, it’s a risk that many businesses consider too high to leave uninsured.
Our cover includes lost revenue due to your computer systems or a supplier’s computer systems.
To cover extortion costs
In the context of cybercrime, extortion refers to a demand (usually of money, in the form of cryptocurrency) from a cybercriminal, with the threat to prevent access to your systems or publish your private data online.
Ransomware is one of the most common methods of cyber extortion. It involves the installation of malware (software created with malicious intent), that is designed to block users from accessing their system or files. The cybercriminal will then hold these permissions ransom until they've been paid, or an alternative agreement has been made.
Another common method used by cyber criminals to attack websites is the dreaded distributed denial-of-service (DDoS) attack, in which a cybercriminal floods the victim's website with an abundance of traffic, rendering it unable to cope.
Our cover includes negotiation costs and extortion payments, even if they’re demanded in cryptocurrency, the preferred payment method of cybercriminals.
To minimise damage to your reputation
A data breach is stressful enough as it is, but fixing the immediate problem doesn’t necessarily solve the multitude of negative knock-on effects to your business's reputation. Research by IDC found that 80% of consumers from developed nations would defect from a company following a breach of their personally identifiable information, so it's especially important to get things right when it comes to managing communications around a breach.
Our cover includes specialist PR and crisis management support in the wake of a data breach, to help you put your best foot forward.