Answering Myths on Cyber Insurance
Cyber Insurance is becoming more common in terms of knowledge of its availability, and awareness of some of the kinds of events that can happen. This is a step in the right direction for commercial business, and will lead to more Cyber Insurance purchases.
However, there is continuing confusion on some key exposures and coverage elements that cross industry groups. This creates the common myths of Cyber Liability Insurance. Knowing how to respond to these myths with prompt and concise information is important to demonstrating your own Cyber expertise and to closing the sale.
We have made a list of the 3 most common mths we hear of and crafted for you a way to respond to these assumptions that commercial insured’s make. These will be invaluable to you as you begin quoting more and more of this coverage.
We Outsource, therefore, we have no risk.
Countless commercial enterprises outsource their data storage, networking systems, applications and programs, and other aspects of their digital fingerprints to third party providers and cloud storage services. This offshoring of information and security management comes with it a sense of invincibility or lessening of risk.
Part of this comes from the contractual language and hold harmless or indemnification agreements. While these are both important and a necessity, they are not a replacement mechanism for your legal liability should an event occur. Mores noticeably, they often do not provide coverage for third party claims against the Insured, but instead, focus solely on the cost to correct any errors.
Regardless of the type of outsourcing being done, the Insured will maintain two areas of liability that cannot be transferred: 1. The requirement to notify impacted individuals, and provide them with support services, and 2. The potential to be sued as a result of an event.
No data, therefore, no exposure
Another popular response from a potential Insured is that they do not collect or store any data of their customers, therefore, they have no exposure. For example, this is often a response from a manufacturer, or a commodities broker- businesses dealing in paper invoicing and no direct retail contact.
While the risk of a broad information breach is minimized with the lack of valuable PCI or PHI records, the theft of this information is only one of many different types of exposures any one business faces. A manufacturer relying on automated machine technology could have costly business interruption expenses if infected by a virus or a victim of an extortion event. A commodities broker dealing in electronic transfers of payments for orders could become a social engineering victim resulting in Cyber Crime losses.
Understanding the kinds of losses any one industry class faces underscored for the Insured the real risk they face.
We are too small to be a target.
In the world of Cyber Insurance, size does matter. The largest corporations, governmental entities and nonprofits maintain Cyber Insurance, mostly due to the threat they face as a target BECAUSE of their size. Alternatively, small entities in these same classes do not purchase Cyber Insurance for exactly the same reason- BECAUSE of their size.
The truth about small businesses, governmental entities, and nonprofits is they are at very high risk for a number of events, and it in fact is BECAUSE of their size. Smaller commercial entities have less resources devoted to the management and maintenance of technology they use to run their businesses. They are big users of cloud services and outsourced providers. They are easy targets for cyber extortionists.
Many are considered to be a minnow used to get to the bigger fish. A hacker will gain unauthorized access into your systems for the purpose of gaining access to an even larger business partner or governmental agency you communicate with. When successful, they can steal that third party’s information or infect their systems, leaving you responsible for allowing it through your systems.
The moral of the story here is that small business has the same threat of being a target as any other business does.
Experienced Cyber Liability Brokerage Makes A Difference.
Unlike other wholesale brokers, we are not just making Cyber easier to market. US Pro is a featured speaker to associations and industry groups about Cyber Insurance throughout America.
Our webinars and seminars are in constant demand. We spend a lot of time on the phone with you AND your insured’s, easing concerns, identifying exposures, and closing deals.
Cyber is not an ISO coverage, it is not another D&O form. It is the first insurance, the most important insurance, and the insurance to be most likely used by any commercial entity. Underinsuring your customer by making the wrong Cyber choices can be a very expensive choice to make.
When making your Cyber choice, choose an experienced broker. It matters. Send your submissions to us today at firstname.lastname@example.org for same day turnaround service!