Cyber Liability Insurance is a relatively new product in the insurance world. And in today’s world, it’s something that more and more companies are in need of. It’s surprising how many companies are leaving themselves exposed to the risks associated with having a network, database, or online presence. A 2009 FBI Computer Crime and Security Survey reveals that 71% of American companies don’t have insurance that covers those risks.[i] Can you imagine 71% of businesses going without general liability or property insurance?
So what can Cyber Liability Insurance do for you? Is it something that you need? To answer those questions, it might be best to illustrate some scenarios that a typical company might encounter. As you read these scenarios, keep in mind that the average cost per lost record is $214, and the average cost to an organization for a data breach is $7.2 million.[ii] Those costs can add up and could overwhelm a company. Also keep in mind that these risks are generally excluded on General Liability and Property policies.
Scenario 1 – The Absent Minded Employee A company employee is taking a lunch break in a park before a big meeting. They accidentally leave their laptop on the park bench and head to the meeting. When they realize they forgot the laptop, they return to the park to find that it’s gone. The laptop had thousands of customer names, social security numbers, birth dates, and other personal information. It’s now your company’s responsibility to notify every one of those customers of the data breach. You may also be required to provide free credit monitoring for all those customers, as well as credit restoration for customers who may be affected by the breach.
Secnario 2 – The Unknown Vandal Your company’s computers are infected with a malicious worm that scrambles your customer database. No data has been stolen, but the database is now useless to your company. To repair the damage, you may need to enlist the help of a specialist, which probably isn’t cheap. In addition to repairing the damage to your database, you also have to think about how this might affect your business income. The cost of this attack can quickly add up.
Scenario 3 – The Big Simple Mistake When preparing to e-mail a critical report, an employee accidentally enters the e-mail address incorrectly and sends it out. The report contained personally identifiable information for over 2,000 customers. That information is now out in the open and your company must notify customers, provide credit monitoring and possible credit restoration. Each of these scenarios is something that might happen with any business. Despite a company’s best efforts to protect their data and customers, sometimes things just go wrong. If any one of these scenarios happened to your company, and you had the right cyber liability insurance, you would be covered for the costs to protect your customers and your company. In today’s world, these risks are very real for many companies and Cyber Liability Insurance should be something business owners consider as part of their overall risk management.[i] Darren Caesar “Cyber Liability Insurance: Don’t Run A Business Without It,” Network World, July 02, 2010.[ii]Symatec, http://www.symantec.com/about/news/resources/press_kits/detail.jsp?pkid=ponemon (accessed December 21, 2011).