What cyber insurance companies want from clients

Experts say it’s no longer a question of if, but when your company will be affected by a breach. Considering the high risk and potentially devastating consequences of a data breach or cyber-attack, more and more companies are turning to cyber insurance for protection. But is it something small businesses really need? Does your company meet the criteria to qualify for cyber insurance? What do cyber insurance companies want from clients? 

Let’s look at what cyber insurance can offer SMBs and what insurers will want to know about your company before approving you for cyber insurance. 

A cyber insurance policy can provide you with a range of coverage options to help protect you from data breaches and other cyber security issues.

Cyber insurance is also called cyber risk insurance or cyber security insurance. 

It will usually cover cyberattacks and data breaches that involve sensitive customer information, such as Social Security numbers, credit card numbers, account numbers, driver’s license numbers and health records.  

Cyber liability coverage may include: 

• The cost of investigating a data breach
• The cost of notifying your customers and the authorities
• Legal fees and compensation costs in case you get sued
• Legal fees if you face penalties by local or international authorities
• Some regulatory penalties and fines
• The costs of restoring lost data, systems, and your website
• Income lost and extra expenses if your business is interrupted
• PR/restoring your reputation and managing customer relationships

Make sure you read the details of your policy to see what it covers.

Any business that collects, stores and manages people’s personal data online, including contact information, sales records, credit card numbers, ID numbers and other personal information may be at risk of data breaches.  

Online retailers, healthcare and financial services and any other organization that store customer information on their websites can benefit from a cyber insurance policy. 

Most of the high-profile breaches that make the news involve huge corporations, so it may surprise you to learn that 43% of all data breaches actually hit small and medium-sized businesses, according to Verizon’s 2022 Data Breach Investigations Report.

Small businesses are a favorite target for hackers, simply due to a lack of resources.

Most small businesses say they do not have an effective plan in place or funds set aside to protect against a cyber attack or remediate the damages of one.

The lost revenue from business disruption and downtime, plus the reputational damage associated with data breaches can be especially devastating to new companies that are  struggling to establish themselves.

Cyber insurance can’t stop a cyberattack. But it can provide a safety net of coverage, plus expert help that could keep you from going out of business because of a data breach.

Insurers will want to see what your company is doing to protect personal data and manage security risks online.  

Show them that you have policies and procedures in place to protect PII, plus technology/software to support your efforts.  

Insurers may want to see that you use:

• Antivirus software

• Regular system updates

• Firewalls

• Regular data backups to external media or a secure cloud service

• User access rights and permissions policies

• Multifactor authentication  

• An incident response plan 

• Cyber awareness training for employees 

Insurers can deny you coverage if you do not continue putting your security policies in practice during the entire duration of your policy.