Data Breach Costs Are on the Rise. Cyber Insurance Can Help.
“Is cyber liability insurance worth it?” We hear this question on a daily basis as businesses consider whether or not to purchase coverage. As more companies experience crippling data breaches each year, it’s become clear that few are adequately prepared with cyber coverage. Clients ask us about the cost of cyber liability insurance, but they should be asking how much it would cost them to try to survive a data breach without proper coverage.
At ProWriters, we help you understand the real cost of a data breach, why that matters even if you feel you’re prepared, and how a dedicated cyber policy could save your business should an incident occur.
The Cost of a Data Breach
While the average cost of a breach is $3.92 million globally, the damage to a particular company may vary significantly depending on the size of the organization and the nature of the breach. Though it’s often assumed that large businesses are the most likely targets, 43% of cyberattacks are aimed at small businesses and only 14% are capable of defending themselves.
Small and medium businesses (SMBs) are frequent targets because cybercriminals view them as less prepared and therefore more vulnerable. In a 2019 survey of decision-makers at SMBs, 18% listed cybersecurity as their lowest priority. Although 66% surveyed said that they believe a cyberattack is unlikely, statistics show that 67% of SMBs were affected by a cyberattack in 2019!
Data breaches are costing more now than ever before. Remember, hackers don’t have a maximum limit in terms of how much they can cost your business. Kaspersky’s 2019 IT Security Economics report found the average cost of a cyber incident for SMBs was $108,000. The study breaks down the costs of an incident by category:
- Third-party IT infrastructure incidents––$162,000
- Cryptomining incidents ––$115,000
- DDoS attacks ––$138,000
- Electronic leakage from internal sources –– $119,000
- Malware infection of company-owned devices ––$117,000
- Inappropriate IT resource use by employees––$116,000
Without cyber business insurance, you’d have to pay to hire IT forensics experts in addition to the immediate costs incurred by the breach. These expenses continue to add up for several years after the incident. For companies without adequate cyber insurance, they have to be paid out of pocket.
For large businesses, the costs of a cyber incident are even higher. Businesses with upwards of 1000 employees are defined as enterprises in the Kaspersky Lab survey, which found that malware infection of company-owned devices costs a whopping $2.73 million per incident. Other major expenses per type of incident include:
- Third-party device incidents ––$2.57 million
- Physical loss of company-owned mobile devices––$1.69 million
- Cryptomining attacks ––$1.62 million
- Ransomware attacks ––$1.46 million
- Physical loss of bring-your-own device ––$1.41 million
Third-party coverage for exposure is a particular problem for both SMBs and enterprises. Transferring services to a third party does not transfer liability. Thus, companies without cyber insurance pay the price when one of their vendors is attacked.
Who Needs Cyber Insurance?
Any business that uses technology is vulnerable to a cyberattack. That means that any one of these activities could leave you open to a hack:
- Accepting payments online or in-store credit card transactions
- Communicating with customers online or over VOIP phones
- Transferring documents electronically
- Storing personal information electronically
Even if your business doesn’t store sensitive information, it could still suffer a cyberattack. Especially in the case of SMBs, it may not matter what type of information your company stores. Motivated by financial gain, hackers can hold a network hostage or demand payment in exchange for restoring access to vital company records.
A ransom payment can be a significant loss, but the cost of a data breach often expands far beyond the ransom. Lost revenue from a cyber business interruption can be devastating, and restoring data can be both time consuming and costly. It’s one of the reasons why 60% of SMBs go out of business within just six months of a cyber breach, according to the U.S. National Cyber Security Alliance.
What Cyber Insurance Provides
The cost of cyber liability coverage is a small price to pay for a dedicated cyber insurance policy that comes with a panel of experts ready to help the moment a breach occurs.
Today, cyber insurance covers more than it ever has before. Competitive policies include preventive measures, as well as incident response planning in the event of a breach. Plus, cyber liability insurance often saves businesses more than they initially expect. According to the 2019 study from Ponemon Institute, the average cost of a single stolen record was $150. However, the study also identified factors that mitigate this amount, all of which are typically included as part of a cyber policy:
- Formation of an incident response team––$13.66 reduction per record
- Extensive use of encryption––$13.59 reduction per record
- Extensive tests of the incident response plan––$12.25 reduction per record
- Business continuity management ––$10.56 reduction per record
- DevSecOps approach––$10.55 reduction per record
- Employee training––$10.31 reduction per record
This means that a cyber policy alone can reduce the amount you pay in the event of a breach from the outset. The cyber insurance policies offered through ProWriters include access to all of the above features. In addition, ProWriters provides access to cyber policies that cover:
- IT forensic costs
- Notification costs
- Credit monitoring and protection costs
- Regulatory fines
- Fines and penalties
So, is cyber liability insurance worth it? The short answer is yes; the immediate costs of a data breach are significant and the long-tail costs are typically even more devastating. Cyber liability insurance equips you with mitigation measures, as well as the coverage you need to access the services of top cyber experts.
If you’re looking for coverage that will meet the unique needs of your clients, we encourage you to take advantage of the ProWriters Cyber IQ Platform. The platform allows brokers to instantly compare multiple quotes from different carriers, saving you the time you’d otherwise have to spend going to individual carriers. Partner with ProWriters to learn how we’re streamlining cyber liability across the industry.