Cyber Liability Insurance
2013 Black Friday shoppers got a nasty shock when their Target purchases spoiled their holiday spirit via a massive data breach. However, the December 2013 data breach didn’t just squander the holiday spirit; it cost Target shareholders $148 million, a CEO and a large amount of consumer trust. Although Target’s earnings have dropped since then, the superstore will receive $38 million of insurance payout on the data breach from their cyber insurance policy, a kind of specialty insurance surging in the marketplace today. While the policy will aid in the financial loss, the retailer also has to worry about its reputation with consumers, as the breach comprised the personal information and credit and debit card accounts of as many as 110 million customers.
A year later and Target now stands among a handful of brands that have fallen to the PR and financial crisis that is a massive data breach. According to a report by the Ponemon Institute, an independent research firm for privacy, data protection and information security issues, 43% of companies experienced a data breach in the past year, which is up 10% from year before. Specialty insurance covers items or situations that are special or unique. In 2013, the total global losses due to cybercrime amounted to $445 billion, and the increasing rates of cybercrime have pushed the market for cyber liability insurance to grow rapidly. In the U.S., the market capacity for cyber liability insurance could reach up to $2 billion by the end of 2014, as companies try to protect themselves from the financial and reputational damages data breaches can have.
While cyber liability insurance stands as an obvious choice for large corporations, small businesses also benefit from this investment, since any company that has a website, uses social media or digitally stores customers’ personal records is at risk for a data breach. And while Target’s reputation suffered in the public eye, imagine if specialty insurance had not been in place. Even if a company chooses not to host data and uses a cloud provider instead, they are still legally responsible if a cyber attack occurs. Policy coverage can vary widely but will typically cover the cost of any necessary legal fees and money to cover losses, similar to other insurance policies. However, cyber liability insurance policies can do much more, such as covering the cost of notifying customers about the breach, social media liability and even crisis management.
The resulting financial losses of a data breach can be substantial, but a cyber attack can be just as harmful to a company’s reputation. Cyber liability insurance often pays for the loss of future sales that result from consumers switching to a competing company or brand. In addition, policies can cover the cost of hiring a public relations firm to assist in restoring consumer trust. Rebuilding a brand’s reputation after a breach can be complex, and PR agencies can assist in creating a coordinated response to win back consumers.
“The cyber threats that face businesses today are more sophisticated than ever, and the losses following a data breach can be catastrophic,” says George L. San Jose, President COO of The San Jose Group. “Cyber liability insurance is a valuable investment, but is most effective when it’s coupled with strategic PR plan to combat the negative press that accompanies a data breach.”