The importance of cyber insurance
January 10, 2024One in three businesses in the UK – and as many as two out of every three large businesses – suffered cyber attacks in the previous year, according to the Cyber Security Breaches Survey published by the Department for Science, Innovation & Technology on the 19th of April 2023. What is more, the government’s official National Cyber Security Centre on the 14th of November 2023 warned that such threats are “enduring and significant”.
The revolution in the technology of business has made it a dangerous world in which enterprises strive to operate. Even for a small to medium sized enterprise, for instance, the Association of British Insurers (ABI) has calculated that the average loss from a cyber attack is at least £15,300. The ABI has also estimated that some 6,500 cyber crimes are committed every day.
The perils
Fortunately, cyber insurance exists to protect your business from the fallout of such attacks. But, first, let’s take a quick look at just some of the wide range of potential perils:
- phishing – according to official statistics, phishing attacks account for the overwhelming majority (almost 80%) of threats to businesses and these occur when criminals attempt to trick you by sending emails, text messages, or phone calls into visiting a website where a virus infects your computer systems or bank details, and other personal information is stolen;
- impersonation – another frequently conducted scam comes from those impersonating otherwise reputable organisations and websites;
- malware – viruses, spyware, and other malware can also be used to infect your computer systems and recent years have seen a significant increase in attacks by ransomware under the threat of denials of service;
- hacking your accounts – attacks may be made through the hacking, or attempted hacking, of your business or personal bank accounts, with the culprits ultimately taking over complete control of those accounts;
- in addition, there are all manner of ways in which cyber criminals can gain unauthorised access to your company’s files, data, and networks.
Cyber insurance
Cyber insurance can protect you against a wide range of threats, perils, and financial losses that you and your business may face from these kinds of attacks.
As with any insurance, of course, the precise nature and extent of the protection offered will vary from policy to policy – but there are common features you are likely to find whatever cyber insurance you buy.
As the ABI explains, cyber insurance offers indemnity in the event of financial losses resulting from loss or damage to your IT systems, networks, and the data stored in them. This can be the result of accidental loss or damage or from unauthorised access or attacks that breach your IT privacy and security.
When the privacy and security of your IT systems are breached, the costs may be substantial – and those losses need to be protected by your cyber insurance.
The losses can come from the expenses incurred in:
- notifying your customers that a breach has happened;
- any IT forensic investigation you may need to carry out;
- the cost of hiring a call centre or public relations specialists to respond to calls from clients;
- the cost of reporting to the relevant industry regulators of your business; and,
- the cost of legal fees as you defend your company against claims from affected clients or suppliers.
Cyber insurance may be configured in a way that indemnifies your business against liability claims from third parties affected by cyber attacks against your enterprise.
Other areas where you may rely upon the protection provided by cyber insurance include defences and responses to attempted extortion, malware, and ransomware. Insurance can also protect your digital assets (such as data, images, drawings, and web content) from theft, loss, or damage.