Technology has some obvious benefits. The computers in our pockets provide instant access to entertainment, information and work anytime we feel the urge; the applications we use everyday make it easier for us to get work done, manage our social lives and take care of our families; and social networks connect us to the people and world around us from the comfort of our own couch.
Technology can even protect us and our valuables. We put coded alarm systems in our homes and passcodes on our phones. We put our money in banks and then access it from easy-login screens.
But technology can also be used against us. We’ve seen it happen to many companies over the past several months. Between data breaches caused by employees, a software or hardware bug and cyberattacks by unknown and unseen enemies, technology has the power to be our downfall if we aren’t careful.
We have solutions for other unknowns that can hurt us, our families or our businesses. We use insurance to protect our financial well-being from unexpected medical costs, our homes from natural disasters and our businesses from data breaches.
For technology breaches, we have cyber insurance, a type of policy that is supposed to be designed to protect you and your business if you’re data is exposed. In an ideal world, cyber insurance does two things: provide financial security for your business and a team to help you navigate the complex legal and regulatory environment.
Issues with Cyber-Insurance
In reality, cyber insurance doesn’t always do what you need it to, though. Currently, there is no standard form or process for creating or implementing cyber insurance policies. Some companies provide a wealth of knowledge for their clients experiencing a cyber breach, and some that don’t.
But even the basics of what’s covered by cyber insurance hasn’t yet been standardized. Some companies add a line item for cyber insurance on policy statements, but will only cover the expenses a company incurs because an employee had their identity stolen. Other policies will only cover fines or penalties, but not a legal team or any IT inspection costs.
A good cyber insurance policy will have tools and other resources to help you develop mitigation and response plans and provide coverage for all fees, fines and expenses incurred because of the cyber event.
Identifying Cyber-Insurance
In spite of the confusion, cyber insurance has become a business necessity. You need a company and policy that will truly take care of you in a crisis. You need to be confident that what your policy covers is what you need.
Finding an insurance broker that you can trust to take care of your business is paramount. And trust is a gut instinct. It’s not something that can be communicated easily. It’s one of those “you just know” feelings. We can’t tell you who to trust, but we can tell you what red flags to look for, no matter what policy your seeking.
- The broker you’re considering didn’t ask about your business.
The key to finding the right policy is understanding how a business runs and how the policy would be used. Too many brokers tell clients they need a certain policy without actually taking the time to understand how that business runs and what it’s exposure risks are.The first red flag is whether your broker asks detailed questions about your business. If they don’t, they won’t be able to provide you the coverage your business needs.
Furthermore, it’s one thing to ask questions, but another to understand how you operate. Do you feel they understand your business well enough to provide coverage for all of your exposure risks? Do they have the tools and resources to help you build mitigation and response plans, or will they let you fend for yourself?
- The broker you’re considering didn’t explain what your policy covers.
Whenever an agent recommends a policy or group of policies, the first thing you should do is ask them what those policies will cover. Get specifics. If they can’t answer your questions, you shouldn’t be doing business with them.
You should also ask them how grouped policies will work together. Cyber insurance is only one piece of the puzzle, and often those policies aren’t set up to cover a financial loss should your money be stolen in the event of a cyberattack. And as ransomware attacks happen more and more frequently, you may need additional coverage to ensure your business’ stability.
The best way to ensure you’re getting what you need is to be prepared to ask questions. No one expects you to be an expert in the insurance world, but you should expect it of your broker. If they can’t answer your questions, can you really trust them with your business’ future?
