In recent years, there have been an increasing number of costly computer hacking attacks. Many have been against large companies, such as Target and Home Depot. But smaller companies face computer liability risks as well. Virtually all businesses use information technology (IT) in some way—to communicate via email, to provide information or services through a website, to store and use customer data and more. Even a lost smartphone or a stolen laptop – not just hacking attempts – can compromise data.
New regulations and technologies mean new risks evolve and emerge at a rapid pace. Insurance experts now consider the risk of cyber liability losses to exceed the risk of fraud or theft. In this tumultuous environment, your business can take several steps to limit risks, including purchasing cyber liability insurance.
What are your cyber liability risks?
Your costs of response and remediation can be significant when someone compromises your computer systems, employee or partner data. Your business may be exposed to the following costs:
- Liability—You may be liable for costs incurred by customers and other third parties as a result of a cyber attack or other IT-related incident.
- System recovery—Repairing or replacing computer systems or lost data can result in significant costs. In addition, your company may not be able to remain operational while your system is down, resulting in further losses.
- Notification expenses—In several states, if your business stores customer data, you’re required to notify customers if a data breach has occurred or is even just suspected. This can be quite costly, especially if you have a large number of customers.
- Regulatory fines—Several federal and state regulations require businesses and organizations to protect consumer data. If a data breach results from your business’s failure to meet compliance requirements, you may incur substantial fines.
- Class action lawsuits—Large-scale data breaches have led to class action lawsuits filed on behalf of customers whose data and privacy were compromised.
What cyber liability insurance covers
Some standard business insurance policies, such as a Business Owners Policy (BOP), may provide coverage for certain types of cyber incidents. For instance, if you lose electronic data as a result of a computer virus or hardware failure, your insurance may pay recovery or replacement costs. To extend coverage for a fuller range of cyber liability risks, you will need to purchase a stand-alone cyber liability policy, customized for your business. This type of policy can cover several types of risk, including:
- Loss or corruption of data.
- Business interruption.
- Multiple types of liability.
- Identity theft.
- Cyber extortion.
- Reputation recovery.
Steps to reduce cyber liability risks
Because computing technology changes rapidly, there is no absolutely sure-fire way to protect digital data and computer systems. Sometimes, experts discover vulnerabilities in some technologies thought to be highly secure. Despite using OpenSSL, an online technology, for years, experts discovered that it was vulnerable to cyber attack. You may be able to limit your cyber liability risk by:
- Installing, maintaining and updating security software and hardware.
- Contracting with an IT security services vendor.
- Using cloud computing services.
- Regularly backing up data at a secure offsite location.