News & Media
man in hood using computer
Westend61 / Getty Images

Ransomware, Data Theft, Hacking? Consider Cyber Insurance

Cyber insurance is tricky because it focuses on intangible data. How do you value that and then insure potential risk? But in today’s world, it’s worth considering.

BOSTON – Most people have car insurance, life insurance, health insurance and even pet insurance. But how many people do you know that have cyber insurance?

I know, it sounds a bit like a scam, like flood insurance in the desert, but cyber insurance is a sound, practical concept that most, if not all, businesses should be investing in regardless of size.

Cyber insurance is a specialty insurance designed to protect businesses and their employees from internet-based risks and dangers. This can also include risks related to IT infrastructure, privacy and other tangential issues.

Considering how widespread the use of the internet is among businesses these days, and how much risk there is involved with doing business over the internet, it’s surprising that the cyber insurance market has stayed relatively small. I don’t know that I’ve ever seen a commercial or advertisement for it.

Cyber insurance can cover a host of dangers including lost or extorted data, thefts and hacking; it can also provide companies with liability in the event that their customers are adversely affected by a cyber-attack.

For larger companies, particularly companies that store their customers sensitive data, cyber insurance provides a sense of security in the event of a data breach. Insurance companies can provide a platform from which to recover from a massive loss. Of course, in an ideal world, such a loss would be prevented in the first place. But reality is much more complicated and having cyber insurance can come in handy when an attack inevitably does occur.

Of course, cyber insurance only exists because insurance companies have not caught up with the times. While a normal business insurer might protect against physical damage such as fires or loss from theft, they normally do not cover losses or destruction caused virtually. Cyber insurance companies arose to fill the gap.

One of the issues that arises is that it can be difficult to determine risk with the internet. And it’s the same for value. Is a customer’s name valuable data? What about their shopping habits? Or their passwords? How do you assign value, and therefore risk, to something that is intangible? This is likely one of the reasons more traditional insurance companies are lagging when it comes to covering their clients’ virtual assets.

Since most cybersecurity experts agree that there are too many barriers to 100% risk mitigation, cyber insurance seems like a relatively simple backup plan to me. I’m not a business owner, but I suggest anyone that does own a business look into cyber insurance. Because even if you only have three employees and a handful of clients, some protection is better than none.

© Copyright 2021, The Lawton Constitution. All rights reserved.