Cyber Insurance: Do You Need It?

You might be thinking to yourself, cyber insurance… is it really necessary?

Think about it this way - cybercrime damages will cost the world $6 trillion annually by 2021. A lot of these cybercrimes will be conducted over the internet as a Symantec study showed that in 2017 1 in 13 URLs were identified as malicious, an increase by 3% from 2016. Regardless, the internet has continued to become a large part of how organizations work and operate, and that trend is only going to increase as technology advances even further.

What will also continue to advance is the way cybercriminals try to attack businesses and exploit data online. For example, Symantec found the number of URLs resulting from malicious botnet traffic increased by 62.3% from 2016 to 2017, and the number of URLs resulting from phishing activity rose by 182.5% as well. While managed IT organizations and IT professionals will always do their best to set up IT infrastructures for success, technology will consistently evolve and change. In order to stay ahead of the curve, and have peace of mind, cyber insurance may be a practical investment for your organization.



Cyber insurance is a sub-category of general insurance that is meant to protect businesses and/or individuals against internet-based liability and risks. While general insurance may cover tangible aspects, it will not protect your organization's intangible information. Cyber insurance is typically broken up into 2 categories of coverage: first-party and third-party cyber liability coverage. The first-party coverage will take into account the direct losses to an organization, while third-party coverage will extend to claims taken by the organization's customers as well. Another way cyber insurance may cover your company is through a method called incident response, where your organization could receive support via legal services, public relations services, forensics, and much more. Coverage will look different for everyone, it will all depend on your organization as well as your provider, but a huge area of coverage for business is typically loss caused by a data or security breach. Cyber insurance may also cover trademark liability, business interruption caused by a data breach, restoration efforts, etc. 



Whenever there is a data breach, data isn't just compromised, organizations will almost immediately lose money as well. There will be legal fees and costs associated with the breach, as well as organizational downtime, forensic investigations, recovery costs, etc. The point of cyber insurance is to save your organization from all of those unforeseen costs if you are ever put in that position. With a study showing that 54% of companies experienced one or more successful attacks that compromised data, investing in cyber insurance has the potential to save you a lot of money.



According to Cyber Insure One, the cyber insurance market is expected to grow from $2.5 billion in 2015 to $7.5 billion by 2020, which shows that cyber insurance is becoming a standard component when it comes to organizations executing cybersecurity strategies. While cyber insurance is NOT a replacement for additional cybersecurity efforts, it will provide you peace of mind knowing you wont be left with piles and piles of costs trying to restore your business if you were to ever fall victim to an attack. It's all about asking yourself if you would rather know you are supported and covered in the event of a cyber attack, or if you would rather take the risk and deal with the costs later on if your business was ever impacted.

The right cybersecurity efforts will protect you, the right cyber insurance will give you peace of mind, but it is all about focusing on what solutions will best support your business. Don't overlook the rising statistics that reflect cyberattacks and data breaches each year, take time to map out solutions that will protect and reinforce your organization and your IT environment.