As discussed in part 1, cyber insurance can protect your business against cyberattacks. In the second part of the series, the focus will be on how costs are calculated in cyber insurance.
How to Calculate the Cost of Cyber Insurance
A study performed by AdvisorSmith Solution Inc found that the average cost of a cyber liability policy in 2020 was around $1,500 per year for $1 million in coverage. But as needs change in the virtual world, there are many tailored policies. The core aspects of these policies and the factors that affect the cost of cyber insurance are:
- Risks: The larger your organization and the more protection you need, the more expensive the policy gets.
- Data Access: Involves how much people can manipulate, edit, send, or receive data. The more people can access data, the more expensive the coverage gets.
- Security: How much security do you have on your systems? Passwords? Antivirus? IT (Information Technology) best practices, are they in place? Effectively managed security can lower premiums.
- Industry: Will indicate how liable you really are for your data. It is much worse to lose medical data than a personal phone number alone. If you are in health or insurance a data breach is much worse than if you sell tickets for theaters.
- Claim history: Will indicate your behaviors regarding insurance. The more claims you have filed, the more expensive the policy will be. This item applies to all kinds of insurance.
When you add the costs that a cyber-attack could have on your business, your see why these policies can be expensive. In the case of a small business that needs to contain the crisis, respond to customers, deal with public relations damage, fix damaged hardware or software, recover lost profits, and cover the cost of any legal claims this could mean closing its doors. But with cyber liability insurance, small businesses can rest easy knowing they are covered.
How Much Cyber Liability Coverage Does My Organization Need?
This is challenging to figure out. An effective way to start is to calculate how much it costs to recover after your business experiences a breach. Ask yourself the following questions to get started:
- What measures would you need to take to inform your customers of the data breach?
- How long would these notifications take?
- Where do you store sensitive data?
- How much would it cost to replace any affected hardware or software?
- Would you need to bring in a consultant from outside the organization for cyber security?
- Do you have an in-house public relations professional to answer questions from the public?
Cyber Liability in Home Offices
Especially in the current context where workforces have moved from offices to homes, cybersecurity measures are urgent.
Entire workforces went from “an office” in which protocols for cybersecurity were in place, to their homes, where every employee is connected to the internet through their own connections, even though different Internet Service Providers. This can create several problems since on one hand no-one was fully prepared for this change and on the other hand home security is not enough to really protect sensitive data.
These unprecedented immediate changes brought challenges since cyber criminals took advantage of new security and human vulnerabilities. These challenges included bandwidth and unsecure connectivity, employee access issues and phishing, social engineering, and other “human” cyber risks.
Cyber Insurance helped with liabilities created by human error. But not all cyber insurance policies are equal, and these current conditions highlighted a few areas of concern.
Insureds are advised to look at key aspects of their own security, like having a proper anti-virus and anti-malware software in place to ensure protection.