Business owners know there will always be liabilities connected to running that business. But now there’s another “liability” to add to the list: data that must be protected.
There are ways to safeguard your business against the liability of data loss, not the least of which is cyber liability insurance, which is a very specific policy that should be tailored to your business.
But before we get into details about that, let’s review why it’s becoming so important to have it. Protected data is anything that contains two or more pieces of PII (Personally Identifiable Information). PII is any data that can be used on its own or in conjunction with other information to identify, contact or locate a single person. For example, a name combined with either address or phone number constitutes PII.
Since this type of information can be used to steal identities for monetary gain, it has value, and cybercriminals are constantly trying to get their hands on it. When PII data is stolen, that’s a data breach. There are both state and federal statues in place that cover such breaches; business owners may be fined for the breach and may be responsible for notifying and protecting the persons impacted in a breach. Some actions you, as an owner, may need to take following a data breach may include notifying the state’s attorney general, sending out written notifications, and providing identity protection services to those impacted. All-in-all, the cost of a data breach can range from $150 – $300 per record. And that can add up to many thousands of dollars. For a lot of businesses, the presence of statue and the lack of insurance creates an unfunded liability.
Standard insurance, including umbrella policies, absent a cyber liability policy, will not cover these expenses go to my site. Some commercial policies have a low-cost rider that may include some cyber liability, but in most cases these will leave you under-insured and majorly exposed.
Cyber liability is a very specific coverage that should be tailored to a business. The application for such a policy is substantial and detailed. When applying, you should expect to answer a myriad of questions about your business, including information regarding revenue, headcount, your customers, types of data stored, current breach prevention measures, and much more.
While purchasing cyber liability insurance is an important step to protecting your business, simply going through the application process is eye-opening, and therefore recommended for all businesses. At the very least, the exercise will get you going in the right direction toward protecting your data, and ultimately, your business. If you have too much risk, the insurance company will deny your policy application and explain why. If your policy is too expensive for your budget, you may be able to invest a little more in preventative measures to reduce your risk.
If you find the application a little overwhelming – and most business owners do, please feel free to call us at 203-744-2274. We have helped many companies through the process and knowing your own cyber security stance is an important byproduct of the exercise.