CNBC reports that from 2012 to 2013, there was a 20 percent increase in businesses investing in Cyber Liability Insurance (aka “Data Breach Insurance” or “Cyber Risk Insurance”). The reasons for this are twofold:
- Price. As more companies purchase Cyber Liability Insurance, the cost of the insurance goes down. That’s because the risk pool is larger, and insurance companies are able to offer lower rates. This helps keep coverage viable (and attractive) for businesses of all sizes.
- Necessity. Cyber attacks are increasing and businesses are becoming more aware of the cost of an attack. High-profile cases like the Target data breach have "put a scare" into businesses and made them realize they are liable for customer data.
The 20 percent increase in businesses purchasing Cyber Liability Insurance is likely just the beginning of a trend as we see more and more businesses covering their data security liabilities.
This news has many implications for IT businesses and tech consultants. Let's examine them in detail.
Do Tech Businesses Need Cyber Liability Insurance?
The first thing you might be wondering is whether your business should invest in Cyber Liability Insurance as well. The answer to that is…maybe.
Truth be told, many IT companies don't need Cyber Liability Insurance, because the policy usually only covers data breaches that occur on your own network. Most IT consultants and tech professionals don't have much private data stored on their servers and networks. If they have data liabilities, they are from working with a client's data on a client’s network. Lawsuits about client data breaches are already covered by Errors and Omissions Insurance. This means Cyber Liability Insurance doesn't offer much coverage for the typical IT firm.
However, there are some exceptions. If your company hosts data, processes a lot of e-commerce transactions, manages databases on its own network, or stores sensitive data on its network, Data Breach Insurance can be a smart investment. Web hosts, database admins, big data analysts, and some other tech companies should consider Data Breach Insurance.
For most IT companies and programmers, though, this insurance is unnecessary. Often it's actually your clients who need the policy, which is why the news that this insurance is becoming more common (and less expensive) is good for you. You want your clients to be protected.
More Cyber Liability Insurance: What This Means for Tech Small Businesses
As more and more clients and small businesses invest in Data Breach coverage, IT contractors like you can benefit in three ways:
- Fewer lawsuits. When customers are better protected, you're more likely to avoid data breach lawsuits. Say a client is hacked, loses 1,000 records, and has to shut down the business for a few days. The client can sue you for lost revenue, data breach costs, and damages to their reputation. However, if the client has Cyber Liability Insurance, their insurance company covers the data breach expenses and new PR campaigns – some policies even cover lost revenue. In other words, when clients have coverage for a data breach, their expenses are more likely to be covered and they will be less likely to sue their IT contractors.
- Better data awareness. One of the leading causes of data breaches is human error and oversight. Many companies adopt unsafe data security practices because they don't know better. But now, as more people are taking data security seriously and beginning to realize that a data breach can have major financial impact on their businesses, they feel they have "skin in the game" and might be ready to be smarter about data security. More diligent clients means less worries for you, because client mistakes can lead to data breaches, which in turn lead to lawsuits filed against you. (For other tips on preventing client-error data breaches, see "The Million-Dollar Client Conversation."
- More business. More coverage means clients are ready to invest in IT security consulting and services. As more clients are starting to take their security seriously, IT consultants who offer security services are poised to take advantage of this new business opportunity. For years, companies have been under-investing in data security, but the tide appears to be turning and you might see a spike in customers asking you about data security.
Remember that as an IT consultant, you're responsible for helping clients manage their risk. If you're concerned about a client's data security, you can help them cover their liability by suggesting they invest in Data Breach Insurance.
Browse the TechInsurance Small Business Center for more risk management tips for IT companies.
