Businesses of every size rely ever more heavily on technology and data to survive and thrive. But they are also learning how this reliance can leave them vulnerable. Cyber attacks have become more frequent and more sophisticated in the last year. How would your business cope with a breach in data security? What if that breach lost you customers, or affected your ability to trade and interact with suppliers?
Traditional insurance might cover electronic equipment against fire, flood or theft, but it won’t cover what is really important if your systems are breached or data is lost.
If you want to protect against the financial impact of cyber security failures, then make sure you arrange cyber insurance, also known as data protection insurance, for your business.
What is Cyber Insurance?
You are responsible for the data held within your business, as well – of course – for the quality of your computer systems. Any cyber attack or data breach can result in costly restoration and recovery of systems and data. Cyber and data protection insurance specialists can step in, to make sure any associated costs and loss of income are covered.
Prevention is hugely important, so proper cyber security, staff training and accreditations such as Cyber Essentials certification are all vital. But when things go wrong, as with other areas of your business, insurance should be there to minimise the costs and disruption. As awareness of cyber and data insurance increases, it is now the fastest-growing class of insurance.
What type of business cyber attacks are there?
There are three key types of cyber crimes reported in the UK:
- Hacking – where an external agent accesses your company’s systems
- Ransomware – where your data is encrypted and a ransom is demanded for its recovery
- Malware – where your data becomes vulnerable after a phishing attack
If sensitive customer data is subject to a hacking attempt, UK businesses must report breaches to the ICO as a breach of GDPR. In addition, cyber crimes should be reported to Action Fraud. These reports will be made public and thus lead to reputational damage.
How do I choose the right cyber insurance?
Cyber insurance can be known by many different names: cyber and data insurance, hack insurance, computer virus insurance, virus insurance and cyber liability insurance, to list a few. With so much variation, it can be confusing to know what comprises a good cyber insurance policy.
At Sutcliffe & Co, we advise that a good cyber and data liability insurance policy will cover the costs of both your own losses and third-party losses for which you may be held responsible. It will also cover accidental incidents as well as deliberate breaches, be they caused by your own staff or outsiders such as hackers or even suppliers.
This Guide to Data Protection, produced by the Chamber of Commerce in conjunction with local specialists, gives a great overview of cyber security for small and medium-sized businesses.
Why is Cyber Insurance important?
Negative impacts of cyber security breaches include:
- Temporary or permanent customer loss
- Time lost in business shutdown
- Computer system outages
- Personal and business data loss
- Reputation damage amongst customers and trading partners
Data security breaches aren’t usually covered in a standard business insurance policy. With 46% of businesses (Gov.uk Cyber Breaches Survey 2020) reporting security breaches in the last 12 months, more of us than ever are at risk of negative outcomes.
65,000 attempts to hack UK SMEs are occurring every day (CSO cybersecurity), with 1.6 million UK businesses suffering successful hacks every year. Cyber insurance specialists can provide your business with peace of mind should you fall victim to this common security risk.
What does Cyber Liability Insurance with Sutcliffe & Co cover?
We are proud to offer a comprehensive range of benefits within our cyber insurance policies. You can extend your cover to include:
- Payment of fines & penalties
- Payment of ransoms & extortion
- Cover for lost or disrupted income
- Costs of notifying your contacts
- Cover for physical injury/damage
- Incidents at your outsourced service providers
- The cost of phone hacks
- Social media risks
A good cyber policy will do so much more than present you with a cheque in the event of an incident. Sutcliffe & Co’s cyber insurance provides a comprehensive crisis management service, following an established process:
- Cyber or data incident experience
- Incident reported to cyber insurance company. Crisis management procedure launched
- Technical and forensic specialists pinpoint and stop the problem. Systems and data restored
- Legal experts appointed to ensure compliant response, acting for you in any legal or regulatory disputes
- Public Relations consultants minimise reputational damage. Contacts notified of situation
- Fines and penalties paid
- Defence costs and damages paid
How much does Cyber Insurance cost?
Without cyber insurance, you would need the equivalent specialists at costs in excess of £500 per hour each. That is before you even consider the length of time you could be out of action, the reputational harm and the other costs and damages you could face.
Don’t think your business is not at risk: if you employ people and they use computers, email or websites then you are vulnerable.
Cyber insurance premiums vary based upon your level of risk: face-to-face food service businesses will carry less cyber security risk than data-heavy financial or legal companies. Contact us for a competitive quote – tailored to your business size, industry and network security.
Many policies can be extended to include a range of benefits such as:
With Cyber Insurance sometimes being referred to as Data Protection Insurance, Hacker Insurance, Breach Insurance or Virus Insurance, it can be confusing to know what comprises a good cyber insurance policy. At Sutcliffe & Co, we advise that, ultimately, a good cyber policy will cover the costs of both your own losses and third-party losses that you may be held responsible for. It will also cover accidental incidents as well as deliberate breaches, be they caused by your own staff or outsiders.
A good cyber insurance policy will do so much more than present you with a cheque in the event of an incident; it will provide a comprehensive crisis management service along the following lines:
1. You experience a cyber or data incident
2. You contact your cyber insurance company who launches its crisis management procedure
3. Technical & forensic specialists are provided to pinpoint the problem, stop the problem and restore systems & data
4. Legal experts are appointed to ensure you respond in a compliant manner and act for you in any legal or regulatory disputes
5. Public Relations consultants act to minimise reputational damage and handle correspondence with your contacts, notifying them of the situation.
6. Fines & penalties paid
7. Defence costs & damages paid
Why will a cyber insurance policy protect me?
Without cyber insurance, you would be looking at hiring the equivalent specialists at costs in excess of £500 per hour each. That is before you even consider the length of time you could be out of action, the reputational harm and the other costs and damages you could face. And don’t think your business is not at risk: if you employ people and they use computers, email or websites then you are vulnerable.
ASK FOR A QUOTE