Your Cyber-Insurance Policy Could Result In Being Denied
August 15, 2023
You’ve all heard the stats – small businesses are the #1 target for cybercriminals because they’re easy targets, with a recent article in Security Magazine reporting that nearly two-thirds (63%) of small businesses have experienced a cyber-attack and 58% an actual breach. But what many still don’t understand (or simply don’t appreciate) is how much a cyber-attack can cost you.
That’s why one of the fastest-growing categories in insurance is cyber liability. Cyber liability covers the massive costs associated with a breach, which may include the following, depending on your policy:
If you want to make sure you don’t lose everything you worked so hard for to a cyber scumbag, cyber liability is a very important part of protecting your assets.
But here’s what you need to know: In order to get coverage, businesses are required by insurance companies to implement much more robust and comprehensive cyberprotections. Obviously, the insurers want the companies they are underwriting to reduce the chances and the overall financial impact of a devastating cyber-attack so they don’t have to pay out – and this is where you need to pay attention.
MANY business owners are signing (verifying) that they DO have such policies and protections in place, such as 2FA, a strength of password requirement, employee awareness training and data recovery and backups, but aren’t actually implementing them, because they assume their IT company or person knows this and is doing what is outlined in the policy. Not so in many cases.
Unless cyber security is your area of expertise, it’s very easy for you to misrepresent and make false statements in the application for insurance, which can lead to your being denied coverage in the event of an attack and having your policy rescinded.
If you have cyber liability or similar insurance policies in place, I urge you to revisit the application you completed with your IT person or company to make absolutely certain they are doing everything you represented and affirmed you are doing. Your insurance agent or broker should be willing to assist you with this process since your IT company or person cannot be expected to be insurance professionals who know how to interpret the legal requirements outlined.
What’s critical here is that you work with your IT company or person to ensure 100% compliance with the security standards, protocols and protections you agreed to and verified having in place when you applied for coverage. IF A BREACH HAPPENS, your insurance provider will NOT just cut you a check. They will conduct an investigation to determine what happened and what caused the breach. They will want to see tangible evidence and documentation that proves the preventative measures you had in place to ward off cyberthreats. If it’s discovered that you failed to put in place the adequate preventative measures that you affirmed you had in place and would continue to maintain on your insurance application, your insurance company has every reason to deny your claim and coverage.
If you have ANY concerns over this – including whether or not you need coverage, whether your coverage is sufficient and whether you are doing what you need to do to avoid an insurance denial, click here to schedule a quick consultation to discuss your current situation and to receive a referral to a cyber insurance expert we recommend.
Further, if you would like us to conduct a FREE cyber security risk assessment to show just how secure and prepared you are for ransomware or a cyber-attack, we can discuss that too! Just click here to schedule a phone consultation.
TOSS C3 is the trusted Cyber Technology Services provider in Massachusetts specialized in serving law firms, libraries, local governments, and healthcare providers throughout the USA.
Subscribe now and stay up to date with News, Tips, Events, Cybersecurity, Cloud and Data Compliance.