A guide to cyber insurance
What is cyber insurance?
Any business can experience a data breach or cyber-attacks. If the worst does happen, it can have serious repercussions for your reputation and your clients' businesses - not to mention the cost of any legal fees, compensation claims and notifying those affected.
Cyber insurance is designed to cover you for breach of data protection laws (where insurable by law) and your liability for handling data, cyber liability insurance can also provide cover for extortion, system rectification costs, plus PR expenses and financial loss due to system downtime.
Cyber insurance guide
Who is cyber insurance for?
Firstly, even if you're not 'in the cloud' or get 'big data', read on. Few businesses can get by today without some form of technology, whether it's a website, data servers or basic online software. Even with a small IT footprint, cyber-attacks can still be a risk. And if you're one of those whose whole world is 'in the cloud', your risk could be even greater.
What are the risks?
Data breaches and hacking are big news, with frequent reports showing the damage they can do to business reputations, customer trust and the bottom line. And it isn't just big businesses affected. You also have data protection laws to think about, with penalties of up to €20m or 4% of annual turnover if your business fails to comply with the General Data Protection Regulations.
The extent of your risk depends on the number and type of records you hold, along with the network security and backup measures you have in place. The origin of data can also be an issue, as different data protection regulations apply to most overseas jurisdictions.
Things you can do
Keep track of the data you hold and if you don't need it, delete it. Anonymising personal information is another good way of staying protected. If your data still lives in excel spreadsheets, then consider updating your systems. There might be a solution that not only provides security but also improves efficiency and productivity. Carefully vet all suppliers first, of course. Finally, if you're not sure then seek professional advice – not everyone knows the latest encryption practices!
What to watch out for
Cyber insurance is closely linked to professional indemnity insurance, so make sure your provider has a good technical understanding of how they work together. Note that when you take out a cyber liability insurance policy, you will need to disclose the type of data you're holding. This is particularly important for financial information. Also consult your policy if anything changes in your business, as this may affect its validity. Disclose things that change ASAP – even before they happen.