The internet has quickly become a staple in business practices. From communication and scheduling to banking and payroll, companies put trust in the web to safely manage a plethora of personal information. This has sparked the need for higher levels of online protection, in the form of cyber insurance.
There will always be crime and theft in business, whether it’s on the streets or the net. Cyberattacks are a very real problem in North America. In fact, 21% of businesses in Canada reported cyberattacks in 2017. Of these attacks, some companies were cut off from essential information. Others were pressured for a ransom to return access to their restricted data. Others were robbed of stolen financial details.
Cyber attacks come in many shapes and sizes, from run of the mill hackers to international cybercriminals. Fortunately, Canadian business owners can transfer the risk of these attacks by employing cyber coverage.
What is cyber insurance, and how does it work?
Cyber insurance, like most insurance, protects against the risk of lost finances and assets. In this case, it protects companies against the risk of cyberattacks. Christopher Reynolds of the Financial Post reports the average cost of cybersecurity in Canada to be roughly $14 billion a year.
Some of the expenses reimbursed by cyber coverage include:
- Financial loss due to inaccessible networks and data disruptions.
- Investigative services used to determine the cause of disruptions.
- Legal fees and awards connected to the loss of information and intellectual property.
The laws regarding cyber theft and cyber insurance update frequently. As this is a relatively new terrain for many businesses, there is insubstantial data to properly evaluate what standard coverage should entail. Fortunately, as more information is garnered, underwriters have a better understanding of how to measure potential financial impact.
How do insurance companies determine cyber coverage?
A health insurance provider would be hard-pressed to offer coverage to a patient with a pre-existing diagnosis. Cyber insurance providers also do their due diligence before determining candidacy. There are many factors involved in this process, all of which are used to assess current vulnerability and risk.
Companies hoping to receive a glowing assessment should compile a risk profile. This organized document outlines potential risks for cyberattacks and includes current safeguards against such risks. These could include:
1. Protection software.
There’s a variety of software available to protect internet users against scams, hackers, and infection. You can purchase anti-phishing, anti-virus, and anti-malware software through companies like Bitdefender, Norton, or BullGuard.
2. Employee awareness programs
Protecting your networks with software isn’t always enough. Employees should also be trained to avoid potential problems and react when an attack takes place. Cyber education shows insurance providers that you’re making every effort to protect your business regardless of cost.
3. Employing cybersecurity services
Just as on-site security teams protect your office space from unwanted visitors, theft, and vandalism, cybersecurity teams monitor your servers for problems. These contracted employees scan networks regularly to observe security strength, gauge weak zones, and deter cyber threats.
4. Shut down protocols
Shutting down your network during a cyberattack can protect important information if action is taken early.
When insurance providers see businesses are making strides to protect their assets, it increases the chances for coverage. Less risk means less potential for loss to your business and your insurance company.
Which businesses need cyber insurance?
All companies doing business online should invest in cyber coverage. However, it’s essential for those who manage private customer information to apply for coverage. One of the best examples of a company that should have invested in cyber insurance but didn’t is Sony.
In 2011, Sony’s Play Station Network was hacked, and 77-million accounts were robbed of personal information. Sony lost approximately $2 billion in the process and went on to accumulate 55 United States class-action suits and 3 Canadian class action suits by those affected. Sony was insured, but only for physical coverage. Their insurer, Zurich, refused to cover any losses accrued due to cyber attack.
Choosing the Right Cyber Insurance Coverage
With all this information at your fingertips, it's easy to see why cyber insurance is relevant in any industry. It does, however, leave the question, “how do I choose a provider?” Not all insurance companies are created equal. The firm must be informed about current cyber threats and the types of coverage required to protect against loss. Here are some tips to help you find the right coverage for your business:
1. Choose a provider with options
Most providers offer various forms of physical coverage, but few options for cyber coverage. Partnering with a firm with a selection of cyber protection packages highlights its authority on the subject.
2. Compare Deductibles Before Committing
Before insuring a vehicle, house, or property, consumers shop around for the best deductible. The same should be done for cyber insurance.
3. Confirm Specifics on Policy Coverage
A cyberattack could affect your business even if it wasn’t the original target of the attack. Some policies won’t support claims for damages caused by an untargeted attack. Similarly, cyber attacks aren’t always instantaneous. Selecting a company without time-restrictions on attack coverage is important.
4. Make a List
Before selecting a cyber insurance provider, make a list of what your company is looking for. This includes a maximum budget, required coverage — including ricochet attacks and extended timeframes — and how much experience a firm has with cyber insurance.
For more information about cyber insurance for your business, call Goodison Insurance at 905-451-1236, or contact us here.