There are traditional types of insurance that we are all familiar with: car insurance, life insurance, health insurance, various types of property insurance, and so on. Yet as we continue to modernize and participate in this ever-changing digital world, there are new calamities, new threats to our prosperity for which we must prepare.
Cyber Attacks Are All Too Real
On the precipice of the 2013 holiday shopping season, major retailer Target revealed that they had been attacked by cyber thieves. The thieves stole between 40 and 70 million credit card numbers belonging to Target’s customers. The immediate result was a severe hit to Target’s holiday sales that reverberated throughout the retail community. But the enduring consequence of the theft came as a major blow to the company’s reputation and credibility among consumers. As of this writing, Target is still sorting through the fallout from the cyber attack, and it remains unclear if they will ever regain their former luster as a top retail chain.
But that was Target, a large company that became quite literally a target for thieves. Surely smaller businesses are safer? Sadly, no. Smaller businesses are equally at risk, and the problem is compounded because those businesses often do not have the resources to try to recover from a crippling cyber attack. They have no risk management teams, no cyber security departments. Smaller companies without cyber liability insurance have no buffer between themselves and financial ruin in the event of an incident.
You Are Not Already Covered
Many business owners mistakenly believe that they are already insured against cyber crime through their standard property or crime insurance policies. Unfortunately, they are not. Often, those policies cover data loss or destruction, and not data theft. A server room catching fire and burning to the ground is one thing, for example, but a hacker breaching a company’s firewall and stealing its data from the computers in that server room is another thing entirely. It’s a distinction that catches many businesses off-guard until it’s too late.
This “non-physical” distinction also becomes a sly way for insurers to deny claims made against standard business interruption insurance policies. Hackers can initiate indirect, denial-of-service attacks that cause no physical harm to a company’s systems, but still render its internet services unavailable. This type of loss is not covered under their policy. When they do directly attack a company’s computer systems in search of data to steal, hackers typically erase logs and hard drives to cover their tracks. They install backdoor software and various other viruses onto machines. They generally leave behind a mess that takes much time and manpower to clean up and audit, with more and more money lost as the systems are returned to normal. Yet even this is not covered in a standard business interruption insurance policy. However, it would be covered in a cyber liability policy that fills in these rather severe gaps in coverage.
Even if you do not host your own data, you are still legally liable for its loss. This makes for a risky, almost untenable situation for business owners, who are left to just cross their fingers that their cloud provider does not make a critical mistake that essentially destroys everything they have built. This is no way to try to conduct business. This is no way to live.
Other Avenues for Data Loss
But sometimes there is no online attack from cyber criminals. Sometimes, a company loses its data due to a lost or stolen USB stick, smartphone, laptop, or tablet. As these portable devices become increasingly commonplace, the risk associated with keeping customer data is amplified. A cyber liability insurance policy will insure against data loss through these devices as well.
If we are to participate in the online world–a world of commerce and previously unimaginable profit-taking–then we must ensure that our participation is one free from harm. Since a company’s most valuable possession is its data, cyber liability insurance that protects against the loss of that data remains one of the most valuable new coverages a company could ever have.
About the author:
Austin Dickson writes for Insureon.com which specialize in cyber liability insurance for businesses.