The Internet has opened up a world of possibilities for businesses. However, it has also opened up companies to more risk from data breaches than ever before.
eCommerce companies, by their very nature, are susceptible to cyber-attacks. While large, high-profile companies (such as Target) may appear to be at greater risk, small-to-medium sized businesses are not immune. According to a recent study by the U.S. Secret Service and Verizon Communications, Inc., over 72% of all data breaches occurred in small-to-medium sized businesses.
Most eCommerce companies have worked hard to minimize cyber risk, including becoming PCI compliant. But that doesn’t alleviate all risk. So how can eCommerce companies lower the risk of liability?
WHAT IS CYBER LIABILITY INSURANCE?
Cyber liability coverage is insurance coverage for liability that arises out of unauthorized use of, or unauthorized access to, electronic data or software within your network or business. It typically covers the spreading of a virus or malicious code, computer theft, extortion, or any unintentional act, mistake, error, or omission made by your employees while performing their job.
Cyber liability insurance cost is primarily based on your industry. For example, if you are an eCommerce company doing online transactions and storing data such as credit card information, you are considered high risk for data breach and thus subject to higher premiums.
WHAT DOES CYBER INSURANCE GENERALLY COVER?
While cyber liability insurance coverage may vary depending on what company is offering it, many provide similar types of coverages. The most common coverages are highlighted below:
First Party Coverages
This type of coverage typically includes various property and crime coverages. They also cover certain costs, such as notification expenses. The coverage typically consists of the following:
- Loss or Damage to Electronic Data
- Loss of Income or Extra Expenses
- Cyber Extortion Losses
- Notification Costs
- Damage to Your
Third-Party Liability Coverages
This type of coverage includes more than one type of liability coverage. These coverages apply to damages or settlements that result from covered claims. They also cover the cost of defending you against such claims. The coverage typically consists of the following:
- Network Security Liability
- Network Privacy
- Electronic Media Liability
- Errors and Omissions Liability
Other coverages that may be available under a cyber liability policy include various crime coverages such as computer fraud, funds transfer fraud, and cyber terrorism (acts of violence committed for political purposes). Some insurers have developed cyber liability policies tailored to specific industries. For example, one policy may be designed for businesses in the healthcare industry while another policy is intended for financial institutions.
How to Reduce Premiums
Similar to the “good driver” discount, insurance companies will take into account extra security practices you implement, to lessen the likelihood of a data breach. Extra security practices include:
Provide strong password protection for servers, apps, cloud services, databases, tablets, and laptops
Conduct regular risk assessments to reveal hardware, software and individual site vulnerabilities
Create a written IT security policy that identifies critical assets and defines policies for physical security, account management, and backup and recovery among other areas.
Leverage firewalls, virtual private networks, anti-virus, and anti-spam software and secure mobile solutions to secure network access and mobile devices.
The bottom line: Security is a big part of running an online business, and using cyber insurance can help to cover some of your potential liability.
WHAT ABOUT BUSINESS OPERATING POLICY (BOP) INSURANCE?
“Every eCommerce business should have a Business Operating Policy (or BOP). The cost is consistently about $500 for a year of coverage, so it’s not terribly significant. This will cover the basic liability for your business, including a home-based business,” offers Scott Scharf, Owner of Catching Clouds LLC, a company specializing in helping multi-channel eCommerce sellers grow their businesses by providing them with current, accurate, and actionable financial information about their businesses. But a BOP may not be enough. “Liability for loss of customer or employee data is not typically covered under a BOP,” notes Scharf.“ If you are an eCommerce business, you should have Cyber Liability insurance that covers a wide range of cyber threats. Companies can work with their current insurance broker but should consider getting a quote from a broker that specializes in Cyber Liability insurance.”
With ecommerce businesses relying heavily on the digital world, the internet and computer software that they use are always vulnerable to cyber threats, which can bring serious damage to important sensitive data and their reputation. Ecommerce businesses should consider the weighing benefits of having cyber liability insurance on their side today