Most companies today do at least some of their business online. While this has streamlined operations and made things more convenient for businesses, it’s also opened them up to a new host of risks and threats, like hackers, malware, and online scams. And, it’s no longer just the Sony’s and Facebook’s getting hacked, small businesses are now being targeted by hackers more often than large corporations. Cyber Liability is a form of insurance that provides coverage and helps your business recover from data breaches and other cyber attacks. This can include the cost to get your databases back up and running, legal fees, or associated fines. A Cyber Liability policy helps pay for all the costs a cyber attack can incur on your business.

There are three main types of information that companies tend to store that, when compromised, can be extremely damaging to both a business and its clients.

  • Personally Identifiable Information – this includes basic information that may not seem all that important on its own, like a date of birth, but fraudsters can use even the smallest pieces of information to begin a larger scam. When this information is breached, a company typically must pay to notify those affected, and possibly provide credit monitoring. This is in addition to the cost of potential lawsuits, as well as the hit a company’s reputation takes. Examples of information types include:
    • Address
    • Banking Information
    • Date of Birth
    • Email
    • Name
    • Usernames
    • Social Security Number
  • Payment Card Information – this includes all forms of electronic funds transfer cards, be it credit, debit, or otherwise. Having this information breached could leave your company on the hook to pay for card reissuance for affected clients, fines, and potential lawsuits. This could also result in the suspension of credit card acceptance for your business from the credit card provider.
  • Protected Health Information – this type of information contains personally identifiable information as well as medical details. This can include demographic information, health care information, and physical/mental health information. All Protected Health Information falls under the guidelines of HIPAA. Because of this, a breach of this type of information won’t just result in lawsuits, but also legal ramifications and fines.

Not all cyber attacks involve the hacking of a database. Sometimes it can be as simple as an email. Cases of Social Engineering have found employees giving out confidential information to complete strangers. Social Engineering involves tricking employees into revealing information. For example, if a fraudster were to figure out the email addresses for a company’s management, they could then create accounts that look nearly identical. Using these look-alike accounts, they could then begin contacting employees, posing as management, and attempt to trick them into revealing confidential information, or worse. There’s also the threat of Ransom-ware, which can be sent to employees via email. If ignored and properly deleted, these emails shouldn’t pose a problem, but one overly curious employee clicking on a link they shouldn’t could lead to all of your systems being held hostage.

If your business handles or stores any clients’ personal information, payment information, or health information, you could be at risk for a cyber attack. Your business may not be a specific target, but if information were to be breached, you’d still be liable.  Traditional Cyber Liability insurance only offers 3rd party coverage for Security and Privacy Liability, meaning it’ll cover the cost of repairing damages for your clients if their information is breached or stolen.  What this doesn’t cover is the cost of getting your business moving past the breach, which could entail fines, penalties, forensic costs, system damage, and more.

Through RogersGray you can insure your business with Cyber Liability coverage that protects both your clients, and your business. This coverage offers Business Interruption Protection, which can help make up for income lost due to a system or database breach. It can also cover the previously mentioned fines, penalties and forensic costs, with limits up to $1 million. Contact an agent below if you have any questions, or to request a quote!

Matt Carnuccio

Consultant | Business Insurance

Matt is a Business Insurance Consultant at RogersGray Insurance. He specializes in Cyber Liability Insurance and works as an adviser to his clients, helping them design a risk management strategy that aligns with their own unique situation. He has 8 years experience working with emerging and middle-market companies that have sophisticated liability insurance needs. Matt also enjoys spending time with his wife and two children, and is passionate about saltwater fishing! You can connect with him on LinkedIn or by email