New Cyber Security Liability Insurance Requirements: What You Need To Know For 2022

The option to ignore your company’s need for cyber security liability insurance has long since passed you by. It’s no surprise that with cyber advancement comes both opportunity and the ability for those who would abuse it. If you’ve been active in the online space for any length of time, chances are you’ve built something of value, and with value comes liability.  

Whether you’ve attracted an audience, produced digital assets, or built up an entire online empire, taking steps to protect yourself is a crucial element to the longevity of your investment. 

Cyber Security Liability Insurance

What Is Cyber Security Liability Insurance?

Cyber security liability insurance is first-party and third-party liability coverage provided to protect your company from cyber risks—ransomware attacks, data breaches, digital vandalism, and all the possible fallout that they bring. 

Cyber security liability insurance policies can alleviate the aftermath of specific situations. Most feature a mix of offerings and varying coverage limitations depending on the level of coverage your business needs. 

Unfortunately, one click is all that’s needed to cripple your organization. Keyloggers, trojans, and ransomware can cause massive damage to your operation. A malicious email or a phishing link breaks through and malware will infect your entire system. Getting your company network restored to full functionality could take weeks or even months without a proper cyber security company on your team.

Since the FBI’s Internet Crime Complaint Center (IC3) launched in 2000 to track cybercrime, they have received nearly 5.7 million complaints. That’s 5.7 million cyber breaches or attacks of various threat levels. Their 2020 report found a spike of more than 300,000 complaints over the previous year and reported over $4.2 billion in financial loss. 

Even with all the aftermath of COVID-19, there was no relief from cyber assault. With the growing trend of a remote workforce, the threat only intensified. According to BusinessWire, the cybersecurity market is expected to grow 6.2% each year until 2023. They attribute this primarily to new and growing COVID-19-related risk exposure. 

These statistics prove the risk of cyber strikes continues to be a mounting threat. Cyber security liability insurance can no longer be that task you push off endlessly due to lack of awareness or understanding. 

What’s New For Cyber Security Liability Insurance In 2022?

Part of protecting your digital assets and managing your footprint is protecting the economy as a whole. With the new year and new tech will come an increase in federal regulation and public frameworks from government institutions. 

New laws around cyber risk and liability may require greater disclosure of cyber security incidents and more detailed risk reporting. Policyholders may need to conclusively prove that they truly have the required controls in place. 

Depending on the size of your company, most providers will conduct a more comprehensive cyber insurance risk assessment. They want to know their exact level of risk and any associated costs. These assessments typically take the form of a thorough questionnaire or a detailed analysis that takes place over several weeks.

Please don’t fall into the mindset that you don’t have to take precautions because now you have insurance. Acquiring cyber security liability insurance is not a replacement for properly protecting your data and systems. Your operation needs to meet at least the most basic IT security standards in order to be considered for cyber security liability coverage. 

  • Your company network should be protected by a firewall.
  • All computers should be equipped with up-to-date antivirus software.
  • User access should be granted following a secure process.
  • Business data should be backed up periodically using external or cloud-based services.
  • You need your own liability insurance; the IT company’s coverage doesn’t count for you.

What Type Of Cyber Security Liability Insurance Do You Need?

The loss or theft of critical or sensitive data can negatively impact your reputation and disrupt the flow of your company business. There are several types of cyber liability coverage; knowing what’s available may help you decide what your company needs. 

Extortion Coverage

This is just like regular extortion except online and usually anonymous. You could receive a threat from an ill-meaning source, usually via email, that they will introduce malware or a virus of some sort into your system unless you pay an exorbitant amount of money. 

Typically, the costs covered by extortion coverage include money paid to meet demands, the cost of experts to ensure against future attempts, and sometimes the expense charged by professionals to negotiate with the attackers. 

Business Interruption Coverage

When there’s a system failure or cyberattack that causes a direct loss of income, this is called business interruption (BI). Coverage of losses due to interruption usually includes the cost of running the business, such as payroll and other operational expenses.

There are two important features to consider when selecting cyber liability insurance for BI coverage:

  • The waiting time frame, or how long before insurance compensation kicks in.
  • The restoration time frame, or the length of time granted for you to get back up and running.

For obvious reasons, you want to find coverage with a short waiting time frame and reasonable restoration time frame. 

Data Restoration Coverage

This insurance policy would cover the cost to replace or restore electronic data, any software programs, or damage caused by the hacker or their virus. 

Data breach coverage can help with costs related to:

  • Notifying any customers, patients, or employees who were affected.
  • Offering credit monitoring services to any victims of the data breach.
  • Hiring a team for public relations during or after restoration.
Incident Response Coverage

This is the most standard coverage in a cyber security liability insurance policy. This covers the costs of investigating, responding to, and eliminating any actual or potential cyber breach threats. This may include the legal costs, assistance in determining the level of reporting required to the government as well as any impacted entities. 

Essentially, this coverage is to pay the cyber security experts who will conduct the investigation and assessment of your cyber incident. Typically, they will help you establish a plan, determine internal and external roles, and potentially work through mock scenarios to prepare you and your team for the worst. 

Cyber Security Liability Insurance Requirements: Now What?

The question is not if your company is at risk of a cyber-attack or not. The question is: how great is your risk, and what are you willing to do in order to prevent it? Be prepared for the worst so you can expect the best possible outcome. 

To learn more about cyber liability insurance requirements and recent changes, subscribe to The Reboot where you’ll get candid conversations amongst several small business owners who also happen to be IT experts from all corners of the U.S., including our very own David Luft, CEO, LDD Consulting in Albuquerque, NM—one of Albuquerque’s premier cyber security service companies.