The risk of a cyber-attack is a key concern for any business, especially against the backdrop of increasing malicious Russian-based attacks. We've put together some questions (and answers!) we're often asked about buying cyber insurance.
1. There are three main types of cyber security insurance (cyber liability policy, cyber crime extension and cyber social engineering extension). Should people take all three of these policy types out together?
This generally depends on budget. While core cyber data cover is fairly inexpensive, the cyber crime and social engineering extensions can be quite expensive. In addition, ransomware activity has increased significantly in the past 2 years, which has impacted on the price.
Read more about the three types of cyber security insurance here.
2. How much does cyber and data security insurance cost?Even though it’s different for every business, it is possible to give an estimate. For a small business with a turnover of up to £500, 000, then the core cyber data premium would be in the hundreds, low hundreds, £250 maybe £300 plus IPT (with a limit of approximately £50,000).
This is obviously impacted by any previous claims, type of business and operation. Adding cyber-crime cover and social engineering extensions would likely double the premium
3. How can business's protect against the risk of human error in cyber-attacks?
Approximately 72% of cyber losses can be attributed to human error, so this is a great question for businesses. There are a number of steps businesses can take to reduce human error, including having commercially-driven anti-virus software, firewall protection on your systems and 6 monthly training for employees (particularly in relation to phishing and similar hacking techniques, cyber crime and social engineering).
Even if a ransom payment isn’t paid, the cost of interruption to a business in the event of a cyber-attack can be significant. In one example, a client of ours faced huge business disruption. While the random wasn’t paid, the technical cost to overcome the encryption of all the clients’ folders, as well as to reinstate to the last back up was expensive, especially because they had 280 users who couldn’t use their systems for several days. In this case, the business interruption claim was the larger part of the claim.
5. We hear a lot about crypto currency lately. If there ever had to be a ransom payment in bitcoin, would the insurance cover that payment?
Yes, this would be covered by the insurance.
Find out more in our video with our cyber security expert, Dave Williams.
6. What sort of questions do independent brokers ask their clients to check that they have the right cover?
The role of an independent insurance broker is to help a client balance the cost of the policy with the risk they’re facing. We strongly recommend to all clients that they consider cyber liability insurance for their business on the basis that they’re over 20 times more likely to suffer a cyber liability type loss than they are fire or theft- making it one of the highest risks to a business out there.
7. Is the situation surrounding Ukraine, Eastern Europe and Russia and cyber warfare space having an impact on premiums at the moment?
We are getting warnings from our cyber insurers that there is more of a risk at present from Eastern Europe of ransomware type of attacks and other hacking. It is likely that this will impact future premiums.
8. What would be your advice to a business owner who does not have cyber insurance in place currently?
Speak to an independent insurance broker. It’s important to speak to a broker who understands what is covered in a cyber liability policy, as well as the specific risks your business faces
9. Is it considered in the industry that working from home, or remote working leads to potentially higher risk in terms of cyber crime?
Yes. Since the large increase in working from home due to COVID 19, there has been a significant rise in cyber breaches. It’s another area for a business to consider in terms of risk.
Conclusion
An independent insurance broker will be able to advise on suitable cover to protect against cyber-attacks and liability, specifically tailored to your business.
Contact us today to discuss your cyber liability insurance requirements.