What is cyber liability insurance in the UK?
Most businesses now use computer-based systems for essential business processes such as customer data storage, email and payroll. Automated systems are quick, efficient and require less manpower than traditional manual techniques.
The bad news is that data breaches in online systems are now as much of a certainty as death and taxes. The good news is that cyber liability insurance in the UK provides you with a safety net which enables you to manage the risks related to a data breach and reduce the significant cost that can result from them.
A cyber liability insurance policy provides comprehensive cover if your business is targeted by an online attack by a cyber criminal or hacker.
What can a cyber liability policy cover?
Major financial losses can arise from cyber crime, and while most cyber liability policies primarily cover these they may also assist with the immediate management of the aftermath of a cyber attack – getting experts to restore infrastructures and recreate data. This can be crucial in restoring reputational damage or dealing with regulatory enforcement.
Social engineering frauds are becoming far more sophisticated and human error plays a big factor. If a member of your team inadvertently transferred £50,000 to a fraudster, what would be the impact on the business?
Cyber risks are considered to fall into first party and third party risks, and policies can cover either or both of these categories.
First party insurance policies can cover:
- Business interruption as a result of network downtime
- Loss of or damage to data and software
- Customer notification where there is a requirement to do so
- Cyber extortion, where a third party demands money in order not to release or damage data
- Loss of intellectual property or customers that arises from reputational damage
- Direct theft of money or assets via hacking and electronic theft
Third party insurance policies can cover:
- Loss of customer data, and payment of compensation in the event of denial of access or system failure
- Investigation costs, regulatory proceedings and civil damages associated with security breaches
- Multimedia liability to cover costs arising from publication of data in electronic or print media
Who needs cyber liability insurance?
Your company does not have to be doing all its work online or have a complex network of interconnected devices in order to need cyber liability insurance. If it relies on information which is stored electronically or it handles sensitive digital customer data (which is virtually every company today) then in a world of ever-increasing online threats, and in the wake of GDPR, it is more important than ever to be protected by cyber liability insurance.
This applies to businesses of all sizes, but small businesses are especially vulnerable. According to statistics from the Federation of Small Businesses, almost 10,000 cyber attacks are launched every day against small firms in the UK – equivalent to around 3.5 million per year. This means that cyber liability insurance should be high on the priority list for any business wishing to protect its future.
What are the risks involved with cyber security?
Data breaches and hacking are big news – they can go so far as to bankrupt a business. A cyber liability insurance policy can cover:
- Employees stealing hardware or data
- Employees sending incorrect data, losing hardware or falling victim to phishing attacks
- Data breaches as a result of outside providers with inadequate security
- Backdoor attacks via employers social networking accounts
- Employees accessing company data through their own portable devices
What is not covered in cyber insurance?
Every Insurance Policy wording is different, so its important that you check your specific wording under the Exclusion Section or What is Not Covered Section.
Ordinarily, Cyber Insurance will not provide cover for the following:
- Associated companies
- Bodily injury and property damage
- Infrastructure failure
- Domain name suspension or revocation
- Known claims and circumstances
- Liquidated damages, service credits and penalty clauses
- Loss of economic value
- Management liability
- Misleading advertising
- Patent infringement
- Payment card industry related fines, penalties and assessments
- Power and utility failure
- Product IP infringement
- Professional liability
- Property and hardware costs
- Regular hours staff costs
- Theft of funds held in escrow
- Uninsurable fines
- Unsolicited communications
- Wilful or dishonest acts of senior executive officers
Who is at risk?
Few businesses can function nowadays without using computers to some degree, whether it’s in an office at every desk or using mobile devices and working with websites, data servers or basic online software.
Large businesses are often at risk as they may find their employees’ computer usage difficult to monitor due to the sheer number staff members. Large businesses are a bigger target to cyber criminals and hackers due to the huge amount of data they have on their servers.
Small to medium businesses are open to attack and vulnerable to damage as they might not be able to afford security systems. In addition, they might not be able to pay for expert advice after a security failure. As a result loss of income, no possibility to cover legal expenses and reputational damage would be a disaster.
How much does cyber insurance cost?
There is no simple answer to this question as Cyber Insurance is rated off a number of factors, namely:
- Number of Personal Identifiable Information (PII) records held
- As an example – You may have Oliver Leyens on your records and hold my home address, e-mail address, personal phone number. That’s 3 bits of information, but the ICO would class this as one record
- Sensitivity of PII
- An entity that holds card information or processes card payments and retains passport information will pay more than an entity that just holds basic PII such as name, e-mail address, home address and phone number
- Insurers can also provide discounts to firms that have undertaken Cyber Essentials
Costs can range from anything as little as £250 per annum anywhere up to Tens of Thousands of pounds dependent on the above
If you are interested in finding out how much a cyber liability insurance would cost for your business, get in touch with us today and we can obtain a quote on your behalf.
At Heath Crawford we understand that you will do whatever it takes to protect your business, but we also know that no two companies are the same. Every business faces cyber security threats today, but there is no one-size-fits-all way to stay protected. It’s a question of finding an insurance provider who understands your business as well as you do, and who you know will be there to start rebuilding if the unthinkable happens.
The type of cyber liability insurance your small business needs depends on a wide range of factors, so talk to us today about getting insured and we will take your unique needs into account. We specialise in finding tailor-made policies that fit our business clients’ needs, and our expert team would be happy to talk to you about what cyber liability insurance can do for you.
If you would like to learn more on this topic, read our in-depth guide on cyber security for small businesses.
If you’re interested in Cyber Liability Insurance, please fill in the form below with your contact details and we’ll get back to you as soon as we can.