Skip to Main Content
Corin Cook

By: Corin Cook on April 13th, 2021

Print/Save as PDF

5 Common Problems with Cyber Insurance

Business Insurance | commercial insurance | Cyber & Identity Theft

Nobody’s perfect. Yup, not even Oprah.

And this sentiment extends even beyond human beings. It actually applies to … well … everything.

That includes cyber insurance. After all, when it comes to insurance, cyber is obviously one of the newer types, so there is certainly still some room for growth in the product.

At Berry Insurance, we know cyber insurance and love cyber insurance. We think it is a really important part of a business’ liability insurance plan that can protect from damages related to cyber attacks. But we also recognize the places where it can fall short of expectations.

For instance, cyber insurance isn’t really going to directly prevent any cyber attacks, and if there is a cyber attack, there could be some instances where insurance might not cover anything.

But we’re getting ahead of ourselves. Let’s get into those issues and more below.

1. Cyber insurance doesn’t necessarily prevent cyber attacks

Getting cyber insurance might feel like a weight off your shoulders when it comes to fearing cyber attacks.

But it is important to remember that cyber insurance doesn’t actually prevent cyber attacks. Sure, many cyber insurance programs offer complementary guidance and services to help make cyber attacks less likely, but you are never 100% immune from the effects of a cyber attack.

If you did experience a cyber attack, you would still have to deal with the inconvenience and frustration of lost data, or potentially a lawsuit process. 

But the good news is, even though you will be inconvenienced no matter what, cyber insurance will at least pay for losses that stemmed from the attack and you won't have to worry about being out thousands of dollars from an attack.

2. Cyber insurance might not cover you if you aren’t following recommended protocols

When purchasing cyber insurance, it is important to understand your cyber insurance policy will not pay out if you don’t do your part to protect your company from cyber attacks as well.

Because cyber attacks are so common, cyber insurance carriers face a lot of risk of having to pay out cyber attack damages. To reduce this risk, many cyber insurance carriers require their policyholders have a specific strategy in place to qualify for cyber insurance, and to be eligible for payment if there was a claim.

And ensuring your business is adequately protected is completely up to you. To qualify for cyber insurance, you will need to meet certain cyber security requirements, but you need to be sure to maintain these requirements even after securing your policy, because if you do not and experience a cyber attack, your insurance may deny payment.

To ensure you are covered by your cyber insurance, you will want to at a minimum take the following steps to prove you are making your best effort to prevent any attacks: 

  • Implement a detailed cyber security strategy
  • Use security/antivirus software
  • Train your employees
  • Encrypt your information
  • Audit your network
  • Use secure, password-protected Wifi
  • Use unique employee logins and passwords

3. Cyber insurance might not cover the newest threat

Technology is evolving rapidly, and as it does, so are cyber threats.

And the thing is, cyber insurance can’t predict what the newest cyber threat is until it happens.

That means carriers won’t be prepared to cover these situations. So if you happen to be the unlucky one who experiences the first of a new type of cyber attack, cyber insurance might not cover you. 

4. Cyber insurance doesn’t always come cheap

As you can imagine, cyber insurance is an additional expense on top of your existing business insurance policy. 

And the costs can be unpredictable until you actually get a quote. Depending on several factors of your business and risk, the cost can vary widely. We generally see policies range from $500 to $20,000 per year or more.

One thing that could increase the cost is customization. Cyber insurance is heavily customizable based on specific businesses’ characteristics and needs, and with more customization comes a higher cost. So if you need a highly customized program, it could run your price up a little bit.

But seriously, even if your quoted premium is higher than you were hoping to pay, it doesn’t mean you should run from the policy. 

If you choose to not get cyber insurance and were hit with a cyber attack, you could be out millions of dollars, which would really make that cyber insurance premium worth it.

Cyber insurance shouldn’t be an added luxury - it should be a non-negotiable part of your business liability coverage.

5. It isn’t easy to determine how much cyber insurance you need

Determining cyber insurance limits isn’t as simple as determining limits for other types of insurance.

For instance, if you were getting a commercial property insurance policy, you would want your limits to cover the value of all your business property. There is a calculation you can do to get to the amount of coverage you need.

But with cyber insurance, it isn’t so cut and dry. There isn’t some calculation you can do to get you to the magic number.

So do you need $1 million limits? Do you need $10 million limits? Even more?

Unfortunately, you kind of just have to select what you’re comfortable with based on your perceived risks.

How likely is your company to experience a cyber attack? And if it did, how much money could you expect the loss and associated legal fees to be?

Some things to consider when evaluating your risk is your industry, the amount/type of data you have stored, and how many clients you work with, types of clients you work with, and how much your company is in the public eye. 

For example, if you work with highly sensitive information, the fallout from a cyber attack could be much more significant. If you have a lot of clients whose information could be breached, you have more potential lawsuits to worry about.

Each business is unique, so you really have to evaluate your specific cyber risks when selecting your limits.

We realize this may not have cleared up everything for you. After all, selecting limits is complex. So to see some realistic examples of cyber claims and what they could cost, check out this article Common Cyber Insurance Claims that Could Happen to Your Business.

Cyber insurance isn’t perfect, but it’s worth it

Like anything, cyber insurance has its fair share of imperfections. But that doesn’t mean it’s not a good product and it certainly doesn’t mean you should pass up on it.

Without cyber insurance covering your business, a cyber attack could cost you hundreds of thousands of dollars. These are the types of claims many businesses can’t recover from.

We know a cyber attack on Berry Insurance would be detrimental for instance, so we purchase a cyber insurance plan each year and reinforce it with a strong cyber security plan.

Speaking of which, in addition to cyber insurance, there are plenty of steps you can take today to protect your business from a cyber attack. Check out this article Ways You’re Making Your Business Vulnerable to Cyber Attacks to learn about some of your potential exposures, and how to fix them.

 

Cyber Scorecard Download