Does my business need Cyber Liability Insurance?

Winston-Salem, NC 8/22/2017

Anyone with a Web site now has the legal liabilities of a publisher.

The Internet has spun a whole new “web” of liability exposures.  Creating a Web site is simple. The exposures that come with it are not. Privately owned companies that venture onto the World Wide Web face liability exposures that are emerging, evolving, and complex.

Commercial companies that disseminate information to the public via Web sites face the same legal exposures as publishers, yet most have little or no concept of their resulting legal responsibilities. Moreover, new legislation continues to create potential liabilities, particularly in the areas of user privacy and domain name infringement.

2016 has come to be considered “The Year of the Hacker”, when companies like Target, LinkedIn, eHarmony, DropBox, and Yahoo got hit hard by cyber attacks that exposed private information for hundreds of millions of user accounts. With millions of customers transacting business online each year, it is important to understand your business's potential legal exposure to such a breach. In the event of an attack, are your business covered under our standard business liability insurance policy?

In most cases, the answer is no.

Liability for loss of customer or employee data is not typically covered under a corporate insurance policy. Some existing business insurance policies that offer general liability and directors and officers liability may provide a measure of coverage for those areas; however, most CEOs discover significant gaps in what is and what isn’t covered after an attack. Unfortunately, by then it’s too late.

A recent survey by Chubb Group of Insurance Companies found that 65 percent of public companies forego cyber insurance – even though they identify cyber risk as their number one concern. Meanwhile, a quarter of those surveyed are expecting a cyber breach in the coming year, and 71 percent have cyber breach response plans in place.

Ostensibly, high-profile and high-risk companies may appear to be at greater risk, but small-to-medium sized businesses are not immune. According to a recent study by the U.S. Secret Service and Verizon Communications, Inc., over 72 percent of all data breaches occurred in SMB businesses. The average cost of a breach? Over $5 million dollars, according to most financial analysts. The bottom line is that we are all at risk.

So why do only 35 percent of companies invest in cyber liability insurance?

For one, many executives don’t know that it exists. And even if they do, they probably do not think that an attack will happen to them, or they are not overly worried about the potential fallout of such a breach. However, for many more, the high cost of policy premiums is prohibitive.

Policy premiums are primarily based on your industry. For example, if you are an e-commerce company doing online transactions and storing data like credit card information, you are considered high risk for data breach and thus subject to higher premiums. Medical-related institutions hosting data, such as date of birth information, social security numbers and medical records, are also higher risk.

Fortunately, we’ve researched several keys to reducing those hefty cyber liability premiums. The most important thing is to reinforce your security practices before you apply – essentially trying to qualify for “good-driver” type discounts. Plus, boosting security not only helps to decrease the cost; it simultaneously decreases your overall risk factor to breaches.

How do you do it? Security experts agree that the easiest place to start is strong password protection, and yet it’s something that even IT-sophisticated companies often fail to master. Interestingly in all of those “Year of the Hacker” cases, the causes can be traced back to weak passwords that were either 1) not encrypted or “salted” or 2) not changed regularly. If managing passwords for all those servers, apps, cloud services, databases, tablets and laptops seems like a chore, there are affordable password management solutions that do it for you – with a price tags that pale in comparison to high-risk industry insurance premiums.

Other tips to help drive down premiums include:

  • Conduct regular risk assessments to reveal hardware, software and individual site vulnerabilities.
  • Create a written IT security policy that identifies critical assets and defines policies for physical security, account management, and backup and recovery among other areas.
  • Leverage firewalls, virtual private networks, anti-virus and anti-spam software and secure mobile solutions to secure network access and mobile devices.

We are not suggesting that you will avoid the need for cyber liability insurance if you implement these types of security reinforcements. In fact, this coverage is destined to become part of the standard business liability coverage form sometime soon, and customers, suppliers, boards and investors will insist that you have the appropriate amount to do business.

But what we have learned from the “Year of the Hacker” is that you can manage the cost – and the likelihood that you’ll become the next casualty – by putting some simple security controls in place today. 

Most importantly, please contact our agency so that we can help you analyze these complex coverage issues for your business. It’s always best to double check your specific situation and coverage needs.

Contains excerpts from Raj Sabhlok, Contributor, Forbes Magazine 1/18/13


View All News Articles

What Our Customers Say!

"Dee Edwards has consistently gone the extra mile to help us streamline the insurance coverage for our business.  Her follow-through in obtaining the required documentation for us to dispute an expensive, unnecessary requirement by one of our lenders has saved us tens of thousands of dollars per year.  Dee and the Wilson Insurance team have earned our business at each and every renewal cycle."

Mr. Bill Thomas CFO, M.A.L., Inc.

Read what others have to say.

What's New

Why every Board of Directors should carry D&O Insurance


Directors & Officers Liability insurance provides coverage for your own “wrongful act” while performing duties as a Director of Officer of the insured entity, or the "wrongful acts" of other board members. 

Why Do You Need Director’s & Officers Liability Insurance?

While an organization is legally permitted to cover the costs incurred as a result of personal liability stemming from the activities performed on behalf of the organization, this ability, called indemnification, may not apply to every situation.  The director or officer may become personally liable in their duties performed for the organization.

Read More »


What You Should Know About Rental Car Insurance
There are some very serious contractual gaps in coverage for rental vehicles. Even if you purchase their Collision Damage or Physical/ Loss Damage Waivers, many rental car contracts exclude the following:
  • Theft of the Vehicle
  • Tolling, or Turning the Vehicle Over
  • Lease Gap coverage
  • Loss of Use
  • Glass, Tire and Undercarriage Damage
  • Animal Collision
  • Flood and Hail Damage
  • Damage above the Windshield
  • Individuals who rent personal vehicles for extended periods and do not have a Personal Auto policy in force
  • Drivers who rent, and do not own another vehicle insured elsewhere, need to be expecially careful here
Read More »


5 Types of Cyber Criminals and How to Protect Against Them
Understanding the types of cyber criminals and their techniques can help protect your organization from a data breach. Here are some common threats and steps a business can take: 

Read More »