Can a business forgo a cyber insurance policy?

pexels-zhang-kaiyv-842649

Can a business forgo a cyber insurance policy?

While most companies store customer data or process transactions, only 20% have cyber coverage.

Frequently, business owners don’t understand how the price of cyber insurance policies is determined and what is covered under a policy.

Though the cyber insurance market in the U.S. is currently valued at more than $7 billion, it is forecast to reach more than $20 billion by 2025.

Considering the increase in cyber-attacks just since the COVID-19 pandemic, it has become increasingly clear that most, if not all, businesses that store customer data or process electronic transactions may be targets of cyberattacks. Yet only 20% of businesses have cyber insurance coverage, according to a survey conducted by Appalachian State University and Selective Insurance.

One obvious hindrance is that business owners don’t always understand how the price of cyber insurance policies is determined and what is covered under their policy.

The amount paid for a cyber insurance premium will vary based on the type of business and by-products offered through individual insurers.

Choosing cyber coverage

According to Insureon, 27% of small business owners pay less than $1,000 per year for cyber liability insurance and another 36% pay between $1,000 and $2,000 per year. Excluding high and low outliers, the median premium for cyber liability insurance is $140 per month. Cyber liability policies have limits that range from $1 million to $5 million or more.

Premiums are dependent on several factors, including the industry the business engages in, the exposure, the dollar limits selected, the type of coverage provided, as well as the chosen deductibles.

A small business such as a bakery operating on a regional basis with a limited customer base and a smaller revenue will likely pay less for cyber insurance than a national retailer that stores customer credit card information through in-person and online shopping.

Other high-exposure examples include medical clinics and hospitals that store protected personal information (PPI) within their potentially vulnerable databases.

Aspects that impact insurance costs include the limitations, deductibles and exclusions of the business’ specific policy. A business owner should carefully review the policy language since cyber fraud scenarios are constantly changing.

Read the fine print

The latest tale of an organization falling victim to a business email compromise attack on their credit card processor highlights how very specific the scenario needs to be to see a payout. A Texas-based company’s credit card processor was duped to modify disbursement instructions, losing more than $10 million.

A lawsuit following the Texas company’s cyber insurer’s denial of the claim demonstrates how policy language can make or break a cyber claim payout. In this case, the court found that for coverage to apply, the Texas company had to be the victim of the cyberattack per its policy language rather than the credit card processor.

When a business shops for a cyber policy, insurers will review the following for each business it considers insuring:

Infrastructure security. The insurer’s underwriters will audit a business’ controls and procedures to determine how vulnerable its infrastructure is to breach or attack. If, for example, a business has multiple vendors and a dated security system, the security may be more easily compromised. On the other hand, the more security measures in place, the lower the cyber insurance premium cost.

Training procedures. The risk of a breach or a loss is dependent on the training that the business’s users and information technology staff receive. Personnel should be trained to understand network security risks and, in the event of a cyber-attack, know what to do when one occurs. This is especially important given that phishing scams are the leading threat vector against businesses. Verizon’s 2020 Data Breach Investigations Report shows phishing as the leading threat action, followed by the use of stolen credentials and password dumpers. An insurer’s underwriter examines the mitigation procedures in place in the event of a cyber breach as part of their pricing model.

Loss history. Does the business have a history of breaches or losses? This history provides underwriters an understanding of past exposure and aids in revealing areas within the business that may be vulnerable to security flaws.

Type of data collected and stored. Businesses that store credit card data, financial information, or healthcare data tend to be more heavily targeted by cybercriminals. The type of information that the business collects and stores is used to help determine the risk involved.

Geographic location. The location of the business and its network infrastructure may factor into a business’ risk profile.

Regulatory requirements. Governance policies such as GDPR in Europe, the CCPA in California, and the Biometric Information Protection Act could increase the accountability of a business when handling sensitive data. If a business is found to have sustained a breach or failed to follow stated procedures, significant fines could be imposed.

Working together, small businesses and insurers can minimize the damage and claims that may result in the event of a cyber-attack by ensuring a business has the appropriate policy and coverage in place.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related posts

Workers' Comp

2025 Workers’ Compensation Trends: What to Expect

As the workforce continues to evolve, workers’ compensation is at the forefront of addressing new challenges and opportunities. By 2033, nearly one in four U.S. workers will be 55 or older, as reported by the Bureau of Labor Statistics (BLS). This marks a significant increase from just over 15% in 2003. The aging workforce brings new complexities, including a rise in chronic health conditions, comorbidities, and longer recovery times following workplace injuries. At Skyscraper Insurance, we understand that these trends require adaptive strategies. Tailored safety programs, ergonomic solutions, and a focus on preventive care and health maintenance are vital to ensuring the health, productivity, and safety of older employees. These measures don’t just mitigate risks—they also create a supportive and efficient workplace environment. In parallel, advancements in technology are revolutionizing the workers’ compensation landscape. Innovations like artificial intelligence and telemedicine are enhancing the customer experience, from streamlining underwriting and claims processes to providing injured workers with immediate access to medical professionals. The rise of the gig economy further underscores the need for dynamic, tech-driven solutions to keep pace with an ever-changing workforce. The importance of risk management is also reflected in recent executive surveys. In 2024, 23% of global executives identified employee risk as their top concern, surpassing all other business risks. Additionally, 42% believed they were operating in a high-risk environment, a notable increase from 31% in 2023. This sentiment highlights the growing recognition of the need for proactive and comprehensive workers’ compensation solutions. Looking ahead to 2025, businesses should prepare for potential shifts in workers’ compensation costs. Factors such as wage inflation, increased claim sizes, and market dynamics may lead to rising premiums despite a softer market. At Skyscraper Insurance, we are dedicated to helping businesses navigate these changes effectively. By staying ahead of industry trends and leveraging cutting-edge solutions, we empower our clients to maintain robust, compliant, and forward-thinking workers’ compensation programs. Together, we share your vision for a safer and more prosperous tomorrow.

Read More
Commercial Auto

How to Optimize Commercial Lines Insurance for Your Business in 2025

The landscape of small-to-medium commercial insurance has experienced steady growth in recent years. With global property and casualty premiums growing at an annual rate of 6-8% since 2018, the commercial lines sector has emerged as a critical area of opportunity. Factors driving this expansion include hardening market conditions, insurer exits from states like Florida and California, and a rising need for tailored coverage solutions to address unique risks. At Skyscraper Insurance, we recognize the importance of adapting to these market dynamics and providing our clients with tools and strategies to thrive. Here’s how businesses can make commercial lines insurance work smarter for their needs. The Power of Diversification Expanding into commercial lines is a proven way to increase profitability while mitigating risks. By offering cross-sector solutions — from specialized liability to industry-focused coverage — businesses can grow their client base while addressing underserved needs. Skyscraper Insurance makes this transition seamless, providing expert guidance and comprehensive options to diversify your portfolio effectively. Streamlining Quoting Processes Traditional quoting methods can be labor-intensive and error-prone, deterring many agencies from fully exploring the potential of commercial lines. With advanced technology, Skyscraper Insurance simplifies this process. Our integrated tools allow businesses to enter data once and receive competitive quotes from multiple carriers in minutes, ensuring clients receive the best possible options while saving time and reducing administrative burdens. Reducing Errors Through Automation Human errors in data entry can disrupt workflows and introduce risks. By leveraging cutting-edge automation solutions, Skyscraper Insurance ensures data accuracy across platforms. Our systems seamlessly integrate with agency management tools, minimizing redundancies and enabling faster policy renewals and claims processing. Embracing a Connected Future Commercial lines insurance offers vast opportunities, but success hinges on embracing digital transformation. Skyscraper Insurance provides the tools needed to connect management systems, automate renewals, and streamline carrier relationships. By adopting our “one-to-many” quoting model, businesses can optimize efficiency, improve client satisfaction, and drive profitability. Partnering with Skyscraper Insurance In a competitive and evolving market, having a trusted partner makes all the difference. At Skyscraper Insurance, we empower our clients with tailored solutions, innovative technology, and industry expertise. Whether you’re expanding your book of business or exploring new opportunities in commercial lines, we’re here to help you navigate the complexities of 2025 and beyond.

Read More
Try your instant quote