Cyber events are incredibly costly. A staggering 60% of businesses fail within six months of a data breach. According to Cybercrime Magazine, cybercrime will cost the world $10.5 Trillion annually by 2025. In 2020, the average total cost of a data breach was $8.6 million. With threats such as Ransomware, Business Email Compromise, Phishing, and the like, having a Cyber Liability Insurance policy is no longer an option. It is an absolute must. But, how do you decide how much Cyber Liability Insurance to purchase if you’ve never been through a cyberattack?
Defining First-Party and Third-Party Claims
First, let’s cover a few terms. When it comes to your policy, you will want coverage for both First-Party Claims and Third-Party Claims. Damages suffered directly due to a breach, such as damages to hardware, software, and data, business interruption, extortion, and notification costs, are examples of First-Party Claims. When a third party sues the insured for network security liability, privacy liability, media, fines, and penalties, it is considered a Third-Party Claim. Most Cyber Liability policies also cover pre-breach risk control services and post-breach services that will help you immediately respond to a claim or threat.
Ways to Determine the Right Amount of Coverage
Understanding the liability risk to your business is tricky. If a breach should happen, what would the worst-case scenario be? You will need to quantify your cybersecurity risk. Sadly, companies that need threat analysis the most tend to overlook the necessity. As a result, they are usually under-insured for cybersecurity liability. You don’t want to be part of that 60% statistic!
When it comes to quantifying risk, using the Data Breach Calculator developed by Net-Diligence is a great place to start. The calculator helps determine potential claim costs based on a series of questions, including the number of records and the type of data exposed. The result is an estimate, but it does give a good idea of what a company’s claim costs may be in the event of a breach.
Industry benchmarking can also give insight. Knowing the limits of cyber coverage your peers are buying may provide some guidance in your decision-making process. Brokers tend to have this information available for their clients.
But, as the case is with any type of insurance, your budget will likely be the primary determining factor. Based on your estimate from the Data Breach Calculator and industry benchmarking, try to get as close to that number as economically feasible. You don’t want to shortchange yourself.
Whenever possible, double the amount of coverage that you buy. If you think $1m is enough, purchase $2m. When discussing options with your broker, ask for quotes for the higher option and buy it if you can afford it. You’ll never be sorry if you have more coverage than you need.
The Good News
In comparison to the risk, Cyber Liability Insurance is undeniably affordable. Typical policies have limits that range from $1 million to $10 million. A small company will generally need coverage from $1m – $2m, and the median cost with a $1m per occurrence limit and a $1m aggregate limit is about $145 per month or $1,745 per year. About 39% of small businesses pay less than $1,500 per year and 41% pay between $1,500 and $3,000 per year. The amount of sensitive data your company handles does factor into the cost.
Covering All Your Bases
As with any problem, prevention is vital. It is important to have an organization-wide security strategy. FUSE3 supports our clients by taking a proactive approach. We are constantly working to prevent trouble before it happens. Together, we can cover all of your bases, giving you “depth in your bullpen.” Contact us today for a free assessment.