Is Cyber Security Insurance Worth It? A CEO’s Guide

Home  »  Blog  »  Cyber Security  »  Is Cyber...

By Bill Minahan   |   August 22, 2019   |   1 Comment

Is Cyber Security Insurance Worth It: Here’s Your Guide

Cyber security insurance offers protection against electronic threats and data breaches. Businesses are beginning to include cyber security insurance in their overall security strategies. However, you might be wondering: is cyber security insurance worth it?

Data breaches happen with shocking regularity. Especially as businesses have begun to move to the cloud in recent years. Human error and misconfigurations have allowed a plethora of private information to be seen by anyone who’s looking for it.

Cyber security insurance covers you when the claims and lawsuits inevitably follow.Do I need cyber security insurance?

However, before you make a purchase, there are some things you should consider: Do I need it? What will it cost? What type do I need? And, most importantly, what will it NOT cover?

Who Needs Cyber Security Insurance?

Companies that process and store sensitive information like names, addresses, Social Security numbers, medical records, credit card numbers, or other financial information, need cyber security insurance—especially if it’s hosted on the cloud.

If you’re working with third-party vendors, then your risk increases. If a third-party business with access to your data isn’t diligent with security protocols, you’re still liable. Read up on third party data breach liability here.

Any business owner who stores, sends, or receives electronic data should consider cyber insurance to help cover the expenses if a cyber criminal infiltrates their network.

However, not every company needs the same amount of coverage and it’s easy to overpay.

What’s the cost?

For most small businesses, the annual premium for cyber security insurance ranges from $1,000 to $8,500 and depends on a variety of risk factors.

When you’re evaluating cyber insurance it’s important that you get quotes from multiple providers and require a customized policy.

There are two different types of cyber insurance: first-party cyber security insurance and third-party cyber security insurance.

First-party coverage includes protection from things like data breaches, ransomware, data loss, costs of notifying clients, and income your business lost due to the breach.

Third-party coverage includes protection from things like attorney fees, settlements, and government fines and penalties.

What does cyber security insurance NOT cover?

Cyber security insurance does not cover losses indirectly caused by a data breach or a cyber attack. The loss of intellectual property and damage to a brand are not covered.

Maintaining a positive image and protecting intellectual property are important aspects of any business.

That’s why the best approach is to work with a cyber security provider to identify and secure your company’s digital crown jewels, and then calculate and insure the remaining risks.

Cyber security insurance isn’t a substitute for a mediocre security program. If your company isn’t utilizing basic security features like multifactor authentication (MFA), then cyber insurance just adds to your costs.

Just because you have insurance doesn’t mean you’d leave your car outside running and unlocked.

Cyber insurance should be a safety net for when a cyber attack does hit. As the financial motive for cyber criminals increases, so does the likelihood of a data breach.

Data breaches are costly. The global average cost for a data breach in 2019 is $3.92 million, a 1.5% increase from 2018, according to a report from security intelligence.

Not every business feels the need to invest in cyber security insurance and that’s okay. However, if you’re investing in neither insurance nor a strong security program, then you’re putting your company at risk.

If you want to start the conversation about protecting your data get a free quote and assessment below.

Free Cybersecurity Assessment


Sally Driscoll, VP, AAI, CRIS The Driscoll Agency, Inc.

October 15, 2019 | 1:02 pm

Well said Bill.