If you’d asked a business owner ten or even twenty years ago if they had cyber insurance, they’d probably have given you a puzzled look. Cyber insurance wasn’t always available for business owners and certainly wasn’t necessary a few decades ago.
With technology continually worked into the day-to-day tasks of your organization, it’s important that you cover all your bases, both physically and digitally. One of the ways you can protect sensitive information in your business is to purchase the right cyber insurance.
Like anything, many providers work loopholes into their coverage, meaning your business might not receive an insurance payout when you truly need it. Let’s go into the five commonly missed requirements for cyber insurance so that you can find the optimal policy for your organization.
#1: Intentional Acts
Although every business owner may argue that their employees would never commit cybercrimes, this isn’t the case. Businesses of all sizes, from the small local coffee shop to the growing manufacturing enterprise, face internal cybercrime risks. Utilizing security awareness training for your team, as well as a “Zero-Trust” security policy, are both great ways to attempt to alleviate this risk.
Unfortunately, some policies specifically exclude the coverage of intentional acts, making it important to research the terms of your current policy. If you find that you aren’t covered for intentional acts, it may be time to switch providers.
#2: Third-Party Business Interruptions
Technology isn’t foolproof. This means that business interruptions caused by third-party system failures can occur. If your computer system is owned by a third party and fails, leading to monetary implications, you might not be covered. One way that you can stay ahead of threats in this area is to perform annual vendor risk assessments on the third-parties associated with your company.
First, check to see who owns your computer system. Then, read through your current cyber insurance policy to see if there are clauses that exclude coverage in these scenarios. What did you find?
#3: Subsidiary Activities
As your organization begins to grow, you may have acquired an interest in a few businesses. Although the added revenue and expanded territory might seem like a win, you need to be sure your cyber policies reflect subsidiary activities. Some studies say that companies with subsidiaries can be more prone to cyber-attacks.
Cyber incidents that occur within a subsidiary in that you don’t have majority ownership or control may not be covered. This can present a significant financial loss for your business, leaving you to foot the bill.
#4: Criminal Proceedings
Cybercrime isn’t always an outside hacker stealing your bank account numbers or customer information. In fact, you may be unknowingly committing cybercrimes. Many insurance policies won’t cover criminal proceedings brought against your business, whether intentional or unintentional. This can result in legal fees, fines, penalties, and damages coming directly out of your company checkbook. We really don’t want this happening to you, criminal proceedings are bad enough without the added insult to injury!
#5: Prior Acts
Like health insurance, cyber insurance might not cover claims or knowledge of cyber liability before coverage begins. For example, if you have a pending lawsuit and switched providers, your new provider might not cover the lawsuit’s outcome. This makes it important to understand the impact of switching providers and the amounts your business might be liable for.
With most policy providers, you can choose to purchase prior events coverage, but it typically is not part of a standard plan. It’s important to assess your company’s unique situation and decide if you’ll need any coverage for past acts before purchasing.
Finding the Optimal Coverage
Finding the right cyber insurance coverage takes careful consideration of each of these factors. In addition, your industry can also impact the policy and provider that’s right for your situation. To analyze these factors and get your questions answered in greater detail, Register for Our Cyber Insurance Webinar!