Cyber insurance for your business might be worth the cost. It deserves a good look because it educates on reducing risk, helps when a breach happens and can be a competitive advantage.
In 2015, data breach events are once again on the rise. How your organization, regardless of size, efficiently and compliantly manages a breach incident response can be the difference between being the next headline news story or going out of business. As business owners and executives look for new ways to protect their business risks and branding, cyber insurance is receiving more consideration as a way to help you manage and respond, whether your data breach is caused by outside hackers, your own employees, or vendor relationships ranging from malicious intent to accidental release of information.
The use of cyber insurance communicates to clients, prospects and vendors that your business is serious about managing a data breach event and your commitment to protecting customer and employee information.
Here are three tips to consider when reviewing the option of adding a cyber insurance policy:
- Work with an insurance broker who understands cyber insurance. An insurance broker who understands cyber insurance can help educate your business on the different types of cyber insurance policies and validate the need for a cyber-insurance policy. A broker can also help you understand business interruption, legal liability, costs to investigate a data breach, notification to victims and defend/settle class-action lawsuits, including regulatory enforcement actions and fines.
- Data breach assessment. Your business needs to evaluate its overall risk of experiencing a data breach and the type data you collect, store and transmit. Here are some questions to ask when considering cyber insurance: What type of industry are you in? What is the type and volume of data that your company collects, uses, stores, and transfers? What is the prominence of your brand? Are your technology and information security and governance best practices up to date? Are mobile devices an integral part of your business? What are the total number of vendors and third-party contractors with access to your company’s sensitive data?
- Learn about cyber policy exclusions and endorsements. Not all cyber insurance policies are created equal. Ask about retroactive coverage for “prior, unknown data breaches.” Ask about coverage that includes “loss of data” versus only “theft of data.” If your business acts as a vendor or third party contractor for other businesses, ask about your cyber coverage that includes liability to cover your business clients.
The reality is, the challenges of a data breach event can include complex federal and state breach notification laws, and most small businesses lack the financial and human resources to respond. Cyber insurance can support your risk-management objectives.
Mark’s Most Important: Take a look at cyber insurance before your business is a data breach victim.
Mark Pribish is vice president and ID-theft practice leader at Merchants Information Solutions Inc., an ID theft-background screening company based in Phoenix. Contact him at firstname.lastname@example.org.
This article was originally published on AZcentral.com and republished with the author’s permission.
Merchants Information Solutions is a proud sponsors and provides financial support to the ITRC. For more information on the ITRC’s financial support relationships please see our sponsorship policy.