Does My Business Need Cyber Insurance?

Does My Business Need Cyber Insurance?

February 17, 2020

The answer…YES! The use of technology is an important aspect of any business model in today's time. Technology is what helps businesses reach more clients, achieve higher efficiency and build their brand, however, it also places businesses at risk for losses related to cyber security issues. It is important that business owners educate themselves on how to protect their data and private information. Cyber Insurance is a product that can help business owners cover the costs related to a cyber security breach including revenue loss, equipment loss, business disruption, legal fees, client notification fees, as well as several other unanticipated costs. Cyber Insurance should include the following key coverages:

Lost Data

Companies are responsible for their online data, no matter where it is stored. Whether it is stored on your property, in an offsite data warehouse or in a third-party technology company cloud, you may be held liable if any personally identifiable information (PII) or protected health information (PHI) gets exposed. To help protect your company's data, cyber professionals recommend you understand where all of your private or confidential information is stored. Create and test policies and procedures concerning the collection and storage of data, and have a document retention procedure in place to ensure you avoid keeping data you do not need. If a breach does occur, a cyber policy can cover breach notifications and remediation expenses, subject to the applicable retention. It also can cover defense expenses such as responding to and cooperating with regulatory investigators.

Lost Devices

Today's mobile workforce means that laptops and other mobile devices often leave the workplace premises and may be stolen or compromised, potentially exposing private or confidential data. While you cannot completely prevent theft or loss, your organization can take steps to protect and limit the amount of data on each device, such as implementing procedures for using effective passwords and mandating periodic changes. Avoid storing any private or confidential data on laptops. Or, if necessary, store only encrypted data or access it via a secure connection to a server. If a breach does occur, a cyber policy can include Network and Information Security Liability coverage, which provides protection for failure to prevent unauthorized access to, or use of, data containing private or confidential information of others. The costs for a single lost laptop can include more than just the cost of the device, such as legal costs, investigation and miscellaneous expenses.

Notification Requirements

Notifying customers of a breach and other post-breach responses, which is mandated by law, can add up, averaging $1.72 million according to one survey of U.S. businesses.* As part of the a cyber policy, the carrier would refer the customer to a law firm to serve as counsel and breach coach and help reimburse those costs, subject to the applicable retention. An incident breach response vendor would also be recommended to handle customer notifications, in keeping with state laws when personal information is compromised.


Computer forensics teams can determine the extent of a breach and whether private customer information may have been compromised. A cyber policy would reimburse the insured, subject to applicable retention, for computer forensic experts. The policy also could provide coverage for potential business loss and extra expenses that may occur during the period of business restoration.

Technology is a critical part of operating your business. Contact our office to learn more about cyber insurance and how we can help you protect your business. Don't let a data breach destroy the business you have worked hard to build.

Article Source: Ponemon Institute 2016 Cost of Data Breach Study and Travelers Insurance -