What is cyber security (or cyber liability) insurance?
Bad news first. As a digital business you're a prime candidate for data breaches and cyber-attacks. As an innovator, you need to be even more vigilant. If the worst does happen, it can have serious repercussions for your reputation, your clients' businesses, not to mention the cost of any legal fees, compensation claims and notifying those affected. It doesn't bear thinking about.
Now for the good news. Cyber security insurance will come to your rescue.
Covering you for breach of data protection laws (where insurable by law) and your liability for handling data, cyber liability insurance can also provide cover for extortion, system rectification costs, plus PR expenses and financial loss due to system downtime.
Who is cyber liability insurance for
Firstly, even if you're not 'in the cloud' or get 'big data', read on.
Few businesses can get by today without some form of technology, whether it's a website, data servers or basic online software. Even with a small IT footprint, cyber-attacks can still be a risk.
And if you're one of those whose whole world is 'in the cloud', your risk could be even greater.
What are the risks
Data breaches and hacking are big news, with frequent reports showing the damage they can do to business reputations, customer trust and the bottom line.
And it isn't just big businesses affected.
You also have data protection laws to think about, with penalties of up to £500,000 if your business fails to comply with the Data Protection Act.
The extent of your risk depends on the number and type of records you hold, along with the network security and backup measures you have in place.
The origin of data can also be an issue, as different data protection regulations apply to most overseas jurisdictions.
Things you can do
Keep track of the data you hold and if you don't need it, delete it. Anonymising personal information is another good way of staying protected.
If your data still lives in excel spreadsheets, then consider updating your systems. There might be a solution that not only provides security but also improves efficiency and productivity. Carefully vet all suppliers first, of course.
Finally, if you're not sure then seek professional advice – not everyone knows the latest encryption practices!
Things to watch out for
Cyber insurance is closely linked to professional indemnity insurance, so make sure your provider has a good technical understanding of how they work together.
Note that when you take out a cyber liability insurance policy, you will need to disclose the type of data you're holding. This is particularly important for financial information.
Also consult your policy if anything changes in your business, as this may affect its validity. Disclose things that change ASAP – even before they happen.