The unfortunate reality today is that cyber crime is becoming more common and more sophisticated. Thankfully, there are several steps you can take to protect your business and safeguard clients' personal financial information from cyber criminals, including investing in something you may have heard about recently: cyber liability insurance.
What Is Cyber Liability Insurance?
Also known as cyber risk insurance, this is a new category of insurance for business owners that covers expenses associated with data breaches.
What it's not. It's not general business liability insurance, which protects against physical threats to your office, such as property damage, physical injury, and fire damage. In addition, it's not a computer security program that helps secure sensitive information with hardware firewalls, antivirus and antispyware alerts, computer updates, data loss prevention monitoring, and laptop encryption.
What it covers. This insurance provides protection against cybersecurity risks for financial advisors and other business owners. For example, your business may fall victim to a phishing attack, or a tech support vendor could steal your server while it's in his or her possession. These scenarios could cost your business tens of thousands of dollars for the credit monitoring costs alone.
The potential cost of a data breach is staggering. According to the 2014 Cost of Data Breach Study by Ponemon Institute, the average breach costs about $200 per client to remedy.
In the event that your business's data is compromised, a well-designed cyber liability insurance policy will cover:
- The costs of forensic investigations to determine what data was exposed and who must be notified
- Litigation costs
- Credit monitoring services for impacted clients
- The fees for hiring a public relations expert to help repair the business's reputation
It may also include coverage for data theft by employees, as well as content liability, which protects anything associated with the content of your website, blog, or other web presence from copyright and other intellectual property lawsuits. In addition, some policies may include coverage of third-party breaches, such as the one perpetrated by the recent Heartbleed bug.
So, Why Should You Purchase This Insurance?
You may be wondering whether you should invest in this protection. I believe that it's well worth the cost, since even the most inexpensive policy can help negate cybersecurity risks that are out of your control.
Consider, for example, your car. No matter how skilled and cautious you are behind the wheel, there's always a chance that you may have to pay for someone else's driving mistake. It's the same with your business's data. Compromised information isn't always the result of an intentional crime; it may be due to a mistake. A personal laptop can be stolen, an employee can misplace an unencrypted flash drive, or you can accidentally send an unencrypted CD to a client's home. Mistakes like these can be costly, but, thankfully, cyber liability insurance can help remedy them.
But even with the knowledge that their business would benefit from this insurance, some advisors shy away from it due to two common misperceptions: that they aren't vulnerable to cyber risk and that cyber risk insurance is too costly. First, all businesses are at risk from cyber incidents, especially with the heavy dependence on technology and third-party applications. Second, some policies start as low as $1,500 per year, with coverage in excess of $30 million, and there are several actions that may drive down premium costs even more.
Tips for Managing Premium Costs
To help offset the fees, consider taking the following steps:
- Create a written information security policy for your office and provide a copy to all employees.
- Create an annual training program for your staff to review key security topics.
- Implement a password manager at your office to generate complex passwords and remind employees to change them regularly.
For more specific information about cyber liability coverage for your firm, reach out to a local agent or a nationally recognized carrier. Coverage and costs will differ depending on the carrier you select and the type of insurance quoted. Annual risk assessments should be performed, which will ultimately help you decide whether you should purchase coverage. Insurance agents will help you identify where your security is lacking and offer solutions to fill in the gaps.
No one can predict the future or how technology will progress in the next few years. A comprehensive strategy that includes cyber liability insurance can help you protect your business from the many cybersecurity threats facing financial advisors. With this insurance to supplement your existing protections, you can enjoy greater peace of mind knowing that if your business is ever affected by a cyber incident, you'll have someone on your side throughout the recovery process.
Are you considering investing in cyber risk insurance? Do you currently have a policy for your business? Share your thoughts and experiences by commenting below.