Cyber insurance provides robust financial protection to businesses if they incur a data breach and is an essential part of any risk management plan, according to a video released by the Insurance Information Institute.*

Cyberattacks and data breach-caused losses are the top risks facing businesses, a global survey of company directors by Willis Towers Watson and Clyde & Co. found.

“Insurers and businesses need to be partners in mitigating the risks posed by cyberattacks,” said Sean Kevelighan, CEO, of Triple-I.  “Governments also must play an important role in cyber risk mitigation through law enforcement and diplomacy.”  Some of the most significant cyberattacks in recent years have been traced back to foreign actors from Russia and China.

Unfortunately, in the aftermath of a data breach, most small and mid-size businesses incorrectly presume that any/all losses are covered under their property and liability insurance policies, according to Risk & Insurance which, like Triple-I, is an affiliate of The Institutes. Such confusion can lead to unexpected insurance coverage gaps for businesses.

What Cyber Insurance Covers

Even though ransomware—instances in which a business is asked to pay for the return of its stolen data—continues to escalate in severity, cost, and volume, there are recent lessons that can help businesses enhance their cybersecurity strategies.  Purchasing cyber insurance can lower the cost to a business in the event of a data breach involving sensitive information by covering damages that general liability insurance may not, including:

  • Legal fees
  • Repairing digital infrastructure
  • Restoring clients’ personal information
  • Recovering proprietary data

Insurers Are Partners in Mitigating Risk

A focus on resilience and pre-emptive mitigation is in order, and insurers are well-positioned to serve as financial first responders partners in managing these evolving hazards.  Businesses have a role to play in this regard, as well.

The first line of defense is creating a robust cybersecurity system, training employees to identify a potential attack, encrypting company data, and enabling antivirus protection. With only half of businesses reporting a consistent encryption strategy, and the cost of data breaches continuing to rise, organizations must do more to protect themselves and their customers.**