You’ve no doubt heard or read a story about the impact of a cyber breach on a healthcare lab testing firm, large multi-national corporation, government or charity that has resulted in tens of millions of clients, citizens or donors being affected. Despite these types of high profile cases, many businesses are still unclear as to whether or not they’re actually covered for this type of risk or simply feel that cyber insurance coverage is not something they need.
We’d like to help clear up some of the misconceptions that are out there about cyber insurance coverage.
“I’m pretty sure I’m already covered for cyber risk exposures with my general liability policy.”
This is a common misconception among companies. Many business owners assume their current insurance policy covers cyber, but it often does not. Data isn’t considered a tangible property so it’s excluded under a property policy. Damages arising out of loss or corruption of electronic data, loss of income resulting from a computer virus or malware or DDoS, and certain expenses like extortion expenses are not covered under traditional liability or property policies. Having cyber risk and data breach coverage will go a long way if your business is impacted by a cyber breach.
“We’re not a mega-corporation, so we don’t need cyber insurance coverage.”
Cyber insurance is more than coverage against hackers – it covers human error and losses caused by employees. Almost half of all security incidents are caused by human error. What’s more, about 31% of reported breaches involved companies with fewer than 100 employees and nearly 70% of Canadian businesses have reported having a privacy incident in the past two years1.
“I’m sure I can manage on my own without having to get special insurance coverage.”
Ask yourself: Do you have an incident response plan, disaster recovery plan and a business continuity plan? A lot of businesses don’t. The untold impact of a data breach is the reputational damage it can cause to the company itself. Eighty-nine percent of Canadians will avoid doing business with a company in which they have privacy concerns. If a privacy incident is not properly handled, it can be devastating to the survival of the company.
If you’re still not sure about cyber risk coverage contact us. We can help you determine what you need to ensure your business is protected.