The 9 Best ERC Companies For Getting Your ERC Tax Credit
Read More
Sep 18, 2023
Filed under: Accounting, Bookkeeping, Invoicing
Cybersecurity Insurance For Small Business: What It Covers, Why You Need It, & How Much Will It Cost?
Cybersecurity insurance protects your business from damages after data breaches and other online risks. Our cybersecurity guide will answer all your questions.
-
WRITTEN & RESEARCHED BY
Senior Staff Writer
UPDATED
Advertiser Disclosure: Our unbiased reviews and content are supported in part by affiliate partnerships, and we adhere to strict guidelines to preserve editorial integrity.
Cybersecurity insurance, also known as cyber risk, cyber liability, or data-breach insurance, is a type of policy that protects businesses from financial harm following data breaches, hacker attacks, and other online risks.
How can you tell if this type of business insurance is something you need? Where is the best place to get cyber liability coverage, and how does it work?
Our complete guide to cybersecurity insurance will answer these questions and more!
Table of Contents
- What Is Cybersecurity Insurance For Small Business?
- How Does Cybersecurity Insurance Work?
- Who Needs Cyber Insurance Coverage?
- What Cybersecurity Insurance Does & Doesn’t Cover
- What Are The Most Important Types Of Cybersecurity Insurance?
- How Much Does Cybersecurity Insurance Cost?
- The Bottom Line On Cybersecurity Insurance
- Cybersecurity Insurance FAQs
What Is Cybersecurity Insurance For Small Business?
Cybersecurity coverage is a type of business insurance that can help your business pay for any losses or liability you incur following a cyberattack or data breach.
Cybersecurity insurance does not help you protect your data, however, it kicks in only after your cybersecurity measures have been tested and failed. Talk to your business insurance provider or a cybersecurity professional if you’re interested in a cyber risk assessment that can help you strengthen your internal protections.
How Does Cybersecurity Insurance Work?
Cybersecurity insurance kicks in when any unauthorized party gains access to your company’s confidential data, including customers’ payment information or employees’ personal identification. A malicious hacker might try to damage or destroy your computer network or system. Or you could fall victim to a ransomware attack, where your customer data is locked up, and criminals threaten to sell it if you don’t pay to regain access.
The cyber threat your business faces could be smaller and more personal: An employee mistakenly emails confidential information, an accountant responds to a phishing attempt, a contractor copies a hard drive, or a disgruntled worker steals a thumb drive, for example.
These types of actions, whether innocent mistakes or deliberate attacks, can be devastating. Your business could face overwhelming financial costs, lawsuits, and expensive mitigation efforts.
Cybersecurity insurance can help cover the costs of forensic investigations, legal costs, regulatory fines, crisis management services, business interruption costs, and even cyber extortion.
Not all cyber policies are the same. To make sure you have the best protection, talk with an insurance agent about your business and the specific types of risks you face.
Who Needs Cyber Insurance Coverage?
While large data breaches and hacks affecting familiar names like Yahoo, Microsoft, Equifax, and Facebook grab all the headlines, the truth is that every business today is vulnerable to cyber crime. And small businesses may be more vulnerable than they think.
A cybercrime study conducted by Accenture shows that more than 40% of cyber attacks target small and medium-sized businesses. Yet only about one-quarter of small to medium-sized businesses carry cyber insurance.
Cyber insurance experts at The Hartford offer these guidelines to help you decide if your business needs cybersecurity insurance. If any of the following is true for your business, you should talk to an insurance agent about adding cybersecurity protection:
- You collect, store, send, or receive personally identifiable information on your work computers.
- You work in an industry with specific rules about safeguarding customer information. Examples include healthcare, finance, and education.
- You don’t have the financial resources to handle regulatory and public relations costs after your company suffers a data breach.
- You have a large customer base and would bear significant costs when complying with legal notification requirements following a data breach.
In plain terms, if you store personal information, including credit card numbers, addresses, Social Security numbers, and so on, your business can benefit from adding cyber coverage to your business insurance.
What Cybersecurity Insurance Does & Doesn’t Cover
Every cyber insurance policy is different. You can work with your insurer to build the right type of coverage for your small business. Here are some common elements to look for, according to Hiscox Insurance:
- Breach Costs: Even if you contain the breach before your information is exploited, you’ll still face costs associated with identifying and confirming the breach as well as notifying those affected.
- Cyber Extortion: Some types of data breaches involve ransom demands and other types of extortion. Cyber insurance can pay for expert consultation to help you decide whether and how to pay.
- Cyber Crime: It’s expensive to recover from a cyber attack. Your cyber insurance can help you recover the costs when you’ve been attacked.
- Business Interruption: If your business shuts down temporarily when you recover from a cyber attack, cyber insurance can help you recover lost income.
- Data Recovery: This covers repairing or restoring damaged data and software costs.
- Identity Recovery: Help victims of identify fraud related to your breach reclaim and restore their credit history.
- Privacy Protection: This may include coverage for claims against your business relating to negligence, violation of privacy, violation of consumer protection law, breach of contract, regulatory infractions, and security failures.
Most cyber policies contain exclusions, meaning types of damages that will not be covered under the policy. Here are some common examples:
- Criminal Proceedings: If your business ends up in court for a criminal investigation, your cyber policy will not help with the expenses.
- Intentional Acts: If you or any of your employees knowingly act to initiate or assist in the cyber attack, your policy will not apply.
- Property Damage: If the data breach started with a stolen laptop, for example, your cyber policy will not pay out for the loss of that laptop. You’ll need to make a business property claim for that.
- Funds Transfer: If the cyber attack involves the loss or theft of money or securities, your cyber policy will not insulate your business from those losses.
What Are The Most Important Types Of Cybersecurity Insurance?
When you work with an insurance agent to build your cyber coverage, you’ll want to go into the conversation already familiar with these types of cybersecurity coverage:
How Much Does Cybersecurity Insurance Cost?
The average cost of cybersecurity insurance is $145/month, according to Insureon. That adds up to $1,740/year. The following table breaks down the costs further, showing that 38% of Insureon’s small business customers pay less than $100/month for cybersecurity insurance.
Screenshot of Insureon webpage, captured 7/5/2023
That may seem like a lot to fit into your small business budget. But before you dismiss the cost of insurance, consider the cost of not having coverage. According to an IBM report on the cost of data breaches, the average US data breach costs a company $9.44 million. Suddenly, that $145/month seems like a bargain, doesn’t it?
The Bottom Line On Cybersecurity Insurance
Buying insurance is one of the costs of doing business. Although you may think the price puts cybersecurity coverage out of your reach, the unfortunate reality is that skipping business insurance can be more costly than paying for the coverage you need.
If you’re still wondering if you need business insurance in general, our guide to business insurance can help you understand how business insurance works, who needs it, and what types of coverage matter most.
Cybersecurity insurance can be critical coverage for any business that routinely handles sensitive data, such as your customers’ payment information for online orders. Talk to your insurance provider about what kind of cyber coverage your business needs.
Still looking for business insurance? Check out our list of the best small business insurance providers. Companies like The Hartford, Travelers, and Hiscox can help you add cyber coverage to your business owner’s policy or purchase a separate cybersecurity policy.
Note: If your business is very small, you may be able to buy an affordable policy through a smaller provider like Thimble or Next. Although you may be focused on how much coverage will cost and how you can pay for it, your first step should be contacting a provider or two and asking for a fast, free quote for the coverage your business need.
Cybersecurity Insurance FAQs
Kate Hoots
Senior Staff Writer at Merchant Maverick
Kate started writing on business topics in 1996, working for groundbreaking B2B newsletters Communication Briefings and The Competitive Advantage. She joined Merchant Maverick in 2020 and is an expert in business banking, insurance, and eCommerce. She has been featured on NBC TODAY, Yahoo News, GoBankingRates, Scripps News Syndicate, and CBS Radio. She has a bachelor's degree in English literature from Lewis & Clark College and lives in Canby, Oregon.
View Kate Hoots's professional experience on LinkedIn.
Latest posts by Kate Hoots (see all)
- 6 Best Workers’ Comp Insurance For Small Business - August 29, 2023
- Insurance For Sole Proprietors: How To Get The Coverage Your Business Needs - August 12, 2023
- The 10 Best Free Business Bank Accounts In 2023 - August 4, 2023
- The Best Commercial Auto Insurance In 2023 - July 24, 2023
- The Best Commercial Truck Insurance In 2023 - June 23, 2023
