Not long ago we published an article that discusses what cyber liability insurance is, what it covers, what it doesn’t, and whether or not it might make sense for your business to invest in.
In this piece, we touched briefly on the matter of working with your insurance agent to select a plan that makes the most sense. As more and more businesses are accepting the inevitability of a cyberattack and turning to cyber liability insurance as an additional layer of business continuity, we wanted to explore this point more deeply.
Here’s the thing: cyber liability insurance is still a very new market. There’s no long-term data on these kinds of claims, which makes insurance carriers jittery. This means we have to be especially careful as we wade through the options that are available to us.
To help guide your business in the right direction, here are the questions we recommend asking to make sure you’re getting a plan that offers the level of protection you need – no more, no less.
How to choose the right cyber liability insurance plan for business
First, sit with the rest of your company leadership and ask yourselves the following:
- What is your risk profile? If your business handles sensitive data (PII, PHI, etc.), or if you’re subject to compliance regulations, you’re at particularly high risk. If you work with a company that is at high risk, you are at high risk.
- If/when you experience a breach, how much damage would it cause? What would it take to investigate and remediate the breach? To restore any lost data? To notify clients or members whose data may have been compromised? To prevent a similar breach from recurring? To keep your reputation intact?
- What is your tolerance? Are you comfortable just dealing with (and paying for) the consequences outlined above without any assistance? Or did you feel your heart rate spike as you read through those questions?
Cyber liability insurance is like any other insurance plan, in that the appropriate level of coverage is dictated by your level of risk and your tolerance for that risk; a brand new driver cruising around in a prized Lamborghini is going to want more protection than an experienced driver who would just as soon leave their rusty old sedan in the junkyard.
Most businesses will find that it makes sense to at least explore cyber liability coverage. At this stage, work with a trusted and objective insurance agent to determine:
- What does your company’s current insurance policy cover in the way of cyber liability? Is this sufficient based on your assessment of your risk profile and tolerance?
- Are there competitive comprehensive packages out there that will get you to the level of cyber coverage you’re looking for?
- Do you need a stand-alone cyber liability plan to supplement?
As we worked through this process, we found that – much to our surprise – our existing insurance plan offered far more robust coverage than any stand-alone plan we evaluated. Your business might come to the exact opposite conclusion based on your needs.
We hope this helps as you work to bolster your organization’s cybersecurity posture.
For more information on other critical security measures, here are a few other articles we've put together:
- Phishing vs Spear-Phishing vs Email Spoofing: How to Stay Protected
- How to Craft a Successful Security Awareness Training Program for your Staff
- Top Cybersecurity Stats Every Managing Partner Needs to Know