If you’re thinking about getting cyber liability insurance, read this article first. There have been some considerable changes in the cyber insurance market, which mean that it might not make sense for many SMBs to purchase – or even renew – their coverage.
Let’s take a look.
Definition: Cyber insurance
Before we dive in, let’s get a deeper understanding of cyber insurance. It’s a relatively new form of coverage that has emerged over the last twenty years. Because it’s so new, many small businesses don’t know about it. In fact, almost three-quarters of SMBs don’t have a firm understanding of cyber insurance, while 25% have no idea about it all.
Cyber insurance is a form of business insurance that aims to help businesses recover from the financial damages associated with a data breach or cyber attack. Your insurance can help you deal with costs relating to downtime, media and public relations costs, and even the cost of paying a ransomware fine (well, at least it used to!).
The insurance market has catapulted in recent years. PwC expects the market to reach $7.5 billion by the end of the decade. It’s easy to see why. Cyber attacks are one of the most significant risks SMBs face today and IBM found that small businesses spend an average of nearly $3 million per incident.
In this landscape, it’s no wonder that more and more businesses seek cyber coverage as a sort of ‘fall back’ in case they suffer a security incident. However, the cyber insurance of 2019 is not the same as the cyber insurance of 2022.
The market is currently undergoing a huge, groundbreaking shift.
Cyber insurance premiums are becoming more expensive
As we’ve mentioned, the cyber insurance market is in its infancy. This makes it tricky for insurers to predict steady, stable premiums. Most insurance companies create their premium prices based on historical data spanning many years, often with the help of tools like artificial intelligence.
However, insurers don’t have that backlog of data with cyber insurance. Their premiums so far have almost been like a shot in the dark – and it seems they’ve been far too generous. Most insurers are currently running at a loss, according to news reports.
This, of course, isn’t a sustainable business model. So, insurers are upping their premiums. In line with this, research indicates premiums have soared by up to a massive 100% over the last year.
But it’s not just a lack of data forcing premiums higher. It’s also the evolving and increasingly sophisticated nature of cyber threats. Stealthy, damaging attacks like ransomware and phishing have all escalated over the last year. Ransomware, especially, has been costing insurers a fortune. As a result, many insurers are removing ransomware coverage from their policies.
There’s another update to policies we’re seeing too. Insurers are putting more pressure on their clients to have robust security defenses. If they don’t, insurers either won’t cover them at all, or the premiums will be extortionate!
Should my company get cyber insurance?
While cyber insurance used to be a sensible idea, it might be more bother than help these days. If the cost of your premium will put a strain on your business, we’d advise instead, focusing on improving your defenses to prevent a breach.
After all, cyber insurance doesn’t stop a cyber attack. It just helps you to repair the damages. By contrast, a strong security posture can prevent attackers from even getting into your systems or stealing your data, in the first place.
Saying this, a few factors may push you towards purchasing cyber insurance. If you work in a highly-regulated industry, like healthcare or finance, cyber insurance might make sense. Similarly, if you handle a lot of sensitive, personal data, we’d generally advise getting cyber insurance.
But cybersecurity insurance and cyber defenses are not the same things. It shouldn’t be a case of one or the other. We’d always advise first improving your defenses before purchasing cyber liability insurance. This will also make your premiums cheaper.
We appreciate, though, that many SMBs don’t have the time, expertise or resources to create a robust security defense on their own. This is why we advise you to invest in working with a managed IT security services provider like us. We can help you protect your company from cyber attacks, data theft, and disruption.
Based on a tailored review of your business, we can even advise you on whether or not you need cyber insurance.
Does your company have adequate cyber security protection?
Don’t leave your company exposed in 2022. B-Comp Services can help your Denver area businesses with an IT security audit that identifies any areas of risks and provides solutions.
Contact us today for a consultation. Call at 303-282-4934 or contact us online.