Most companies purchase general liability insurance to protect themselves from potential lawsuits or claims resulting from accidents or injuries. They also have professional liability insurance to protect themselves against the cost of errors, malpractice or omissions in services provided to their customers.
Why don’t more companies purchase cyber insurance to protect themselves against first- and third-party claims arising from cyber incidents?
Now that the new Personal Information Protection and Electronic Documents Act (“PIPEDA”) has been in effect across Canada for a few months, we wanted to outline some important reasons to get Cyber Insurance to protect your business.
1. DATA BREACHES ARE COSTLY
The average cost of data breaches at Canadian companies is going up. These costs are influenced by the number of records lost, the number of victims who need to be notified, the time it takes to contain the breach and get back to business, and post-breach costs (lawyers, public relations, whether outside forensic experts have to be hired), loss of business. Breach notification require businesses that lose sensitive personal data to provide written notification to those individuals that were potentially affected or risk hefty fines and penalties.
Cyber policies can provide cover for the costs associated with providing a breach notice and can also cover the associated regulatory fines and penalties.
2. CYBER INCIDENTS HAPPEN. A LOT
Cybercrime is the fastest growing crime in the world and nearly two-thirds of SMEs have been the victim of a cyber incident. Yet standard property or crime insurance policies can be restrictive in the cover they offer. Furthermore, as large companies get more serious about data security, small businesses are becoming more attractive targets – and the results are often devastating for small business owners.
3. COMPUTERS MAKE OUR LIVES EASIER – AND SO VULNERABLE
Technology systems are critical to operating your day-to-day- from electronic point of sales software to back office work flow management systems. In the event that these systems are brought down, a traditional business interruption policy would likely not respond.
Cyber insurance can provide cover for loss of income and extra expense associated with a cyber event.
4. IT TAKES A VILLAGE
Responding to a cyber incident requires a range of specialists – from IT forensics firms to specialist PR agencies – that help deal with both the immediate aftermath as well as the longer term consequences of a cyber event. Small and medium sized businesses, in particular, are facing an uphill battle; not only are they increasingly being targeted by cybercriminals but they are also unlikely to have the range of required incident response specialists in-house.
5. COVERAGE WORKS
Almost 9 in 10 Small and medium sized businesses say their cyber insurance covered the cybersecurity incidents they suffered with 87% reporting that their policy performed as expected. From recovering your data to protecting your assets and reputation, proper insurance coverage will ensure your business gets back on its feet quickly.
6. ARE YOU REALLY PROTECTED?
The No. 1 reason for not purchasing a policy is the belief that in-house security people and processes provide all the needed protection, with many business’ still believing they are not actually susceptible. Yet cybersecurity experts’ prevailing message is that cyber incidents are a fundamental fact of life – it’s not a question of if a data breach will happen but when.