Cyber insurance coverage for 2022

These days, cyber incidents tend to vary widely, and so do their consequences. You might have to pay to restore your data or replace damaged devices, and if your business operations are suspended, you’ll have lost revenue to worry about. In other cases where sensitive customer data has been breached, you could be on the hook for sizable settlements resulting from a lawsuit.

So, how do you protect against all the “what ifs” in the year ahead? You need to prioritize your cybersecurity, and that includes software to defend against threats and insurance to respond to attacks. Here’s a breakdown of the core cyber liability coverages you need, why you need them, and what else to consider to protect your business.

What is cyber liability insurance?

You can think of cyber liability insurance as a collection of first-party and third-party liability coverages to protect your company from a variety of incidents – like data breaches, ransomware attacks, or digital vandalism – and their fallout.

Specific coverages will focus on specific situations, and since different cyber insurance policies can feature a different mix of coverages and limits, it’s important to consider a policy in isolation. Don’t simply assume every cyber policy would provide the right terms for your business.

A policy with a low Waiting Period and a longer Period of Restoration will help you avoid out-of-pocket expenses that can follow a cyber incident.

3 crucial coverages (and one nice-to-have)

To be clear, a comprehensive cyber policy contains more than a few coverages, but  there are four to highlight. These are the coverages you can count on to rescue you from significant damage that can result specifically from cyber incidents.

Extortion coverage

In effect, Extortion coverage is ransomware recovery support: monetary reimbursement if you’re forced to pay a ransom for access to your system and/or return of your data. This feature can also cover the cost of hiring an expert to negotiate with the hacker on your behalf.

In 2021, the average ransomware payment increased by 82% to $570,000. That’s not pocket change, especially for a small business — and small businesses are definitely not immune to ransomware. In 2022, ransomware attacks are predicted to increase in size and severity, so it’s more important than ever to build up your defenses, including coverage to help if your cybersecurity falls short.

Aside from the immediate consequences of the attack, you could be faced with more involved, longer-term challenges. That’s where the next two crucial coverages come into play.

Business Interruption coverage

Business Interruption coverage is designed to compensate you for the loss of income that results from the downtime your company faces after a cyber incident.

If your systems are paralyzed, corrupted, or otherwise inaccessible following a cyber attack, your business could be sidelined for a while. And when operations are down, you lose your stream of revenue, and by extension, your income.

Most policies will provide reimbursement for loss of income, but extra expenses aren’t always included, like the costs involved in reducing your downtime and getting back to business. Here’s an example:

You run a restaurant and you’ve been hit by a cyber attack that makes it impossible to operate your POS system. You need to purchase some manual credit card processors to complete your transactions, and there are costs that come with that pivot: new materials, training, paying your employees overtime to handle the elongated process, and more. You’ll want to make sure you’re covered for those types of expenses.

There are two particularly important details in your business interruption coverage:

1. The Waiting Period: this indicates how long it will take for your insurance to kick in and help out.
2. The Period of Restoration: the amount of time you have to get your business back up and running (any loss of time or revenue outside of this window will be on you to cover).
   

A policy with a low Waiting Period and a longer Period of Restoration will help you avoid out-of-pocket expenses that can follow a cyber incident.

Data Restoration coverage

Data Restoration coverage is designed to cover the costs of replacing or restoring your stolen or compromised data when a virus, ransomware, or another covered cyber peril is to blame.

For most businesses, there’s an urgent need to swiftly and fully recover data after an attack. It could be a matter of reducing downtime to avoid losing money, or when client information is breached, a precious opportunity to reduce harm and restore trust in your business.

In some cases, you may need a third party to help with data recovery — experts who can salvage corrupted data. In many cases, you’ll also need a few other experts to round out your recovery effort, which brings us to our (very) nice-to-have coverage…

Incident Response coverage

Incident Response covers the expense of various expert services that you may need to use to restore security, remediate brand damage, and strengthen your organization to ward off future problems.  

A data breach can call for a thorough investigation by a computer forensics team to determine what went wrong and how to prevent the problem from happening in the future. You may also need legal counsel, PR firms, and ID monitoring and notification specialists to help your customers (and your brand) recover from the damage.

Since some scenarios call for a coordinated effort of many specialists, it can be an expensive part of the recovery process, so it helps to have support in place. Cyber insurance carriers work with panels of firms that have been vetted and educated on how to work within the claims apparatus.

Your cyber insurance coverage checklist

The four coverages outlined above can make or break your cyber attack recovery plan, but they’re not the only helpful features in your cyber policy.

Today’s cyber insurance policies include a range of supportive coverages. When you start your search, consider features that will:

• Help limit damage (physical and otherwise) during or immediately after a cyber incident.
• Cover the costs of properly responding to the event, as well as expenses related to longer-term recovery.
• Offer support for adjacent issues that can arise, especially those that directly impact customers.
  

If you’re wondering what would be best for your business, start by speaking with a knowledgeable broker who can walk you through the details of a cyber insurance policy. Need a broker who can help you with your cyber strategy?