In this blog, we reference industry data to help articulate the risks of not having a cyber insurance policy that is right for your business. This data coupled with knowledgeable Cyber Producers should help empower better decisions for your business during an era of cybercrime. ~ Reid Wellock, President, FifthWall Solutions
What level of cyber insurance is right for your business? The short answer is, it depends.
First, ask yourself, what and how much sensitive data does your business store — like customer and business partner information in the cloud or on any computer? Second, how important is the reputation of your business to you?
How you approach these questions will determine how you handle your businesses’ security, and how it will affect the flourishing of your clients, employees, business partners–anyone you have built trust to do business with.
Let’s paint the picture
Ransomware hackers are busy at work stealing thousands of email records and writing the most creative phishing emails.
One of your account managers opens that email that reads “Messages failed to Sync” sent by a spoofed postmaster address, clicks on a link, and even downloads a pdf file. And away it goes. Just one of these messages may install malware, like viruses, spyware, or ransomware, on any device. This all happens without warning, and is undetectable to the average user.
6 months after the cybercriminals behind the email infiltrate your company’s network, you find that all of your files and backups are encrypted with a ransom message pop-up. Your choice is to either pay the six-figure ransom the cybercriminals demand, or have your data destroyed forever. In the meantime, your operations come to a halt as important deadlines and contracts fall through.
Once you pay the ransom and your files are unencrypted, you find yourself uncertain that the cybercriminals have truly left your systems alone, and have no choice but to bring in a cyber forensics team to ensure the cybercriminal’s access is cut off. Meanwhile, legal investigations for the incident are ongoing as PR efforts seek to mitigate reputational damage to your company.
60% of small businesses go bankrupt within six months of an attack.
(USA Today)
Amount of Cyber Coverage Needed
Your people, customers and employees alike, are your best asset, so you will want to protect your business and everyone it touches by having a cyber insurance policy do the heavy-lifting–covering the costs of a cyber incident as part of your risk management strategy. Most small companies purchase a cyber liability insurance policy with a $1M per occurrence limit.
Referencing the ransomware scenario, a data breach costs a business about $250 per customer record. For a small business, a $1M aggregate limit may be adequate. The best way to know is to rely on a Cyber Producer who knows your market and has the tools to provide the right policy.
An insurance agency may also recommend that your business purchases a technology errors and omissions policy (Tech E&O) if your business is at greater risk because of the industry you are in — high tech, healthcare, professional services, etc.
Company Size Matters
Cyber Insurance must reflect the size of your business. If your business has thousands of clients, meaning tens of thousands of records, you could be looking at hundreds of thousands in costs to remediate a cyber breach. The average cost of a data breach in 2020 for big businesses is more than $150 million
- .According to IBM, Breaches of 1M to 10M records cost an average of $50M, more than 25 times the average cost of $3.86 million for breaches of less than 100,000 records.
- The most expensive part of a cyber attack is information loss at $5.9 million. (Accenture)
- Cybercrime will reach a cost of $6 trillion by 2021. (Herjavec Group)
The Bottom Line
Organizations with a strong security posture or a formal incident response plan before the incident can reduce the average cost of a breach by as much as $21 and $17 per record, respectively. (Kroll). The formation of an incident response team reduces the cost of a data breach by an average of $360,000 (IBM).
FifthWall Solutions is quoting and binding business for mid-size to larger companies. With broad market access and extensive product knowledge, FifthWall has access to more than 30 markets and offers limits up to $100 million in coverage, allowing agents to identify the right policies today and at renewal quickly.
