Cyber liability insurance protects businesses from losses or damages resulting from cyberattacks and data breaches. These expenses can include data loss and restoration, extortion, legal fees, and regulatory fines. Cyber liability insurance costs vary depending on your risk factors, but most small businesses’ annual premiums range from $1,000 to $7,500.
If you’re looking for cyber insurance coverage for your business, be sure to consider The Hartford. Their team of experts can assess your cyber liability coverage needs and provide a customized policy at an affordable price. Receive a free, no obligation quote in minutes.
Top Cyber Liability Insurance Providers
Cyber insurance coverage is still relatively new. However, the steady rise of cyberattacks has resulted in more insurers carrying products for businesses of all sizes. Small business owners may still have a hard time finding affordable coverage, so our list of top companies include small business specialists and brokers who can quote multiple carriers.
Top Cyber Liability Insurance Providers
| Provider | Best For |
|---|---|
| The Hartford | Business owners who want broad cyber coverage added to a BOP. |
| CoverWallet | Business owners who want to compare cyber insurance coverage from multiple providers. |
| CNA | Business owners who need data breach coverage for electronic and paper records. |
| Relations Insurance | Business owners who want an in-depth risk analysis. |
| Travelers | Business owners who want to reduce costs through cybersecurity training. |
The Hartford
The Hartford has a team of small business experts dedicated to identifying risks and finding the appropriate insurance solutions to cover them. Their years of experience can be invaluable to a business owner looking for the right cyber liability coverage for their specific operations. Business owners can get same-day quotes for this and other coverages by submitting an online application.
Small business owners who want to add a cyber endorsement to their business owner’s policy (BOP) should work with The Hartford. BOPs already combine general liability and commercial property, usually at a reduced rate, and The Hartford makes it easy to add either first-party or first- and third-party cyber coverage. Moreover, the endorsement has high limits — up to $500,000 for first-party coverage and up to $1 million for third-party coverage.
CoverWallet
CoverWallet is an online insurance brokerage that can help business owners get quotes from multiple carriers. The company works with some of the top business insurance providers, including Liberty Mutual and Chubb, to give small business owners an array of cyber liability options.
CoverWallet is ideal for small business owners who want to compare prices with a business insurance broker before they buy. Their application is easy to use and often returns quotes from all available carriers within minutes. Business owners can review these quotes on their own or contact an agent for assistance. Cyber liability policies through CoverWallet start at $63 per month for low-risk businesses.
CNA
CNA is one of the largest property and casualty insurers in the U.S. and provides small business owners a broad range of policies. Their NetProtect Cyber Liability policy offers worldwide coverage and has limits options ranging from $100,000 to $2,000,000.
In addition to its broad coverage, CNA’s NetProtect policy covers both electronic data and paper files. This is ideal for business owners who have cyber risks, but who may also keep traditional records.
Relation Insurance
Relation Insurance is a national brokerage that partners with insurance carriers of all sizes, giving small business owners the flexibility to get quotes for both standard risks and hard-to-insure businesses. Agents often specialize in a particular industry to give them a better understanding of their clients’ common risks.
Relation Insurance is the ideal brokerage for business owners who want to work closely with their agent to find the right coverage for their business. Relation agents provide a comprehensive risk analysis by interviewing key staff, analyzing historical losses and claims, reviewing current policies, and investigating cybersecurity techniques.
Travelers
Travelers is a large, well-known insurance carrier that offers small business owners a cyber liability add-on for their BOP called CyberFirst Essentials. This policy offers $25,000 limits on information security liability coverage and a minimum premium of just $150 per year.
However, the real standout for Travelers is their cybersecurity resources. The company offers a number of coaching services, readiness assessments, and training videos to help policyholders mitigate their cyber liability risk, making Travelers the top choice for business owners who want to reduce claims to ultimately reduce cyber insurance costs.
What Cyber Insurance Coverage Is
Cyber liability insurance is a policy designed to help businesses survive data breaches by covering the liability and property losses that may result. It is further split into two categories. First-party coverage is for losses and damage to your business, while third-party coverage is for losses your customers or clients incur in a cyber event.
Small business owners usually need first person cyber insurance when they store customer data, often in the form of credit card numbers or email addresses. However, businesses that want to protect proprietary information stored as electronic data may want first-party coverage, too. Third-party coverage is typically reserved for information technology (IT) businesses that are responsible for safe data storage, such as software developers and database administrators.
What First-Party Cyber Liability Insurance Covers
First-party cyber liability insurance covers claims related to data breaches and other cyberattacks on your company. Any business owner who stores, sends, or receives electronic data should consider getting first-party cyber insurance coverage to help pay expenses if a cybercriminal infiltrates their network.
Some potential costs first-party cyber insurance coverage pays for include:
- Costs of notifying clients
- Credit monitoring services for your business
- Public relations campaigns and goodwill marketing
- Income your business lost due to the breach
- Ransom (in the case of cyber extortion)
Depending on their business model, some IT businesses may purchase first-party cyber liability insurance.
What Third Person Cyber Liability Insurance Covers
Third-party cyber liability insurance covers your responsibility for your customers’ data. It’s typically purchased by companies that install or service IT infrastructure for other companies. However, other professions may need third-party cyber, including retailers, accountants, and insurance agents. Claims on third-party coverage might be triggered by accusations that your business failed to prevent a virus or disclosure of confidential information.
Third-party cyber insurance coverage typically pays for:
- Attorney’s fees
- Settlement or judgement against your business
- Government fines and penalties
- Defense before regulatory boards
Many tech professionals find cyber insurance coverage in their errors & omissions insurance.
First-Party vs Third-Party Cyber Insurance Coverage Examples
Let’s say you own a small retail business, and you suffer a data breach where your customers’ credit card information is stolen. First-party coverage would help your business survive by paying for your lost income and credit monitoring for your customers. However, you might also need third-party coverage in case one of your customers sues.
Now let’s add another layer to the scenario. Before the breach, you hired an IT firm to handle data security for your business. If you decide to sue the firm for not properly managing the security of your customer database, the IT firm would need third-party cyber insurance coverage to pay its legal fees in the lawsuit.
Who Needs Cyber Liability Insurance
Businesses that need cyber liability insurance are not limited to large organizations like Federal Emergency Management Agency (FEMA) and Facebook, both of which have experienced massive data breaches in 2019. Small- and mid-sized companies are also at risk. In fact, many cyberattacks are directed specifically at small businesses because they can be more vulnerable.
A cyber readiness report compiled by Hiscox showed businesses with fewer than 250 employees devote a smaller proportion of their IT budgets to cyber protection than larger organizations. Moreover, a separate report form the Insurance Information Institute revealed that 55% of small businesses have suffered a cyberattack and only 14% rate their ability to mitigate cyber risks as highly effective.
According to Allison Hill, Client Executive at Cobb, Decker, Dunphy & Zimmerman:
“Don’t assume that your company doesn’t have an exposure just because it’s not obvious. If you allow credit card payments, you have an exposure. If you store data at your location, you have an exposure. If you have email, you have an exposure. There exists no business that is truly immune to the potential of a cyber liability claim. Ultimately, you have the choice to buy insurance or self-insure, but recognizing the potential for loss is the most important element of this process.”
“Don’t assume that your company doesn’t have an exposure just because it’s not obvious. If you allow credit card payments, you have an exposure. If you store data at your location, you have an exposure. If you have email, you have an exposure. There exists no business that is truly immune to the potential of a cyber liability claim. Ultimately, you have the choice to buy insurance or self-insure, but recognizing the potential for loss is the most important element of this process.”Despite the clear risk to businesses of all sizes and in all industries, most small business owners are only starting to educate themselves about cybersecurity. Similarly, many small business insurance companies are still trying to find the best way to underwrite the cyber policies, making education on the part of the small business owner even more important.
Cyber Insurance Coverage Types
Cyber insurance coverage has not yet been standardized by the insurance industry, so terminology can be inconsistent. That said, there are a few coverages you may want to look for in your cyber insurance policy. We’ve listed some of the most common ones here, along with a description of what each covers, and whether it is a first- or third-party coverage.
| Coverage Type | What It Covers | |
|---|---|---|
| Business Interruption | Loss of business income due a cyberattack | |
| Computer Fraud | Covers theft of money, securities, and other forms of tangible property through computer fraud and social engineering schemes | |
| Data Breach Insurance | Claims of failure to protect personally identifiable information (PII) and protected health information (PHI) of clients | |
| Property Damage | Replacement cost of computers damaged by a cyberattack | |
| Identity Theft | Expenses related to the business owner or their employees after identity theft | |
| Advertising & Personal Injury | Damage caused by defamation on website or social media | |
| Transmission of Virus or Malicious Content | Failure to stop the transmission of a computer virus or malicious content | |
| Errors & Omissions | Loss caused by failure to provide proper network security |
Which coverages your cyber insurance has depends mainly on what your insurer is willing to offer. In many cases, an insurer may allow you to select from these and other coverage options, but some carriers may limit their coverage to just a few of these. This is why business owners need to consider both price and policy terms when selecting cyber insurance coverage.
Cyber Liability Insurance Costs
Cyber insurance costs vary widely, depending largely on how much risk your business faces. A small business that stores data but has relatively few customers can expect to pay between $800 – $2,000 per year. A larger business with more revenue and more clients might pay up to $7,500 annually.
Cyber Liability Insurance Costs by Industry
| Business | |||
|---|---|---|---|
| Healthcare IT provider | |||
| Healthcare clinic | |||
| CPA / Tax preparation | |||
| Small retail store |
Small businesses cyber liability insurance costs typically start around $1,000 for $1 million coverage limit. However, a number of factors, including revenue and number of stored personal records can raise annual premiums to the higher end of the price, around $7,500 for businesses of all sizes. Small businesses whose primary operation is handling larger firms’ data may see significantly higher costs ― sometimes as high as $40,000 per year.
The primary factors impacting cyber insurance costs include:
- Industry: Industries that store personally identifiable information (PII) or personal health information (PHI), such as finance and health, or where businesses are responsible for securing their clients’ electronic data, like IT, have greater risk of cyberattack.
- Type and amount of records: Storing client data as opposed to your own information requires greater protection. The more PII or PHI you store, the greater risk and thus the greater coverage you’ll need.
- Annual revenue: Businesses with higher revenue have a higher risk exposure than businesses with lower annual revenue, so they usually have higher cyber liability insurance costs.
- Coverage limits: Selecting higher coverage limits increases your business’s protection, but it also drives your premiums up.
Cyber liability insurance is a relatively new product, so the insurers who write the coverage tend to use their own forms. As a result, terms and premiums can vary greatly. We recommend getting quotes from at least three providers to ensure you find cyber insurance coverage this is both affordable and appropriate for your operations.
Tips on Getting Affordable Cyber Insurance Coverage
Although the cost of cyber liability insurance is low in relation to the potential financial damages your business could incur after a data breach or cyberattack, you don’t want to pay more than necessary for cyber insurance coverage. Fortunately, there are a few ways you can reduce cyber insurance cost.
Four tips for reducing your cyber liability insurance costs include:
1. Don’t Overinsure
As with most insurance, cyber insurance cost can be reduced by not buying more insurance than you need. For example, if your business doesn’t store your client’s personal information, you probably don’t need third-party cyber insurance coverage. However, you might need first-party coverages for business interruption, property damage, and identify theft.
2. Consider a Higher Deductible
Opting for higher deductibles means lower premium costs. Once you and your agent or broker determine your greatest risk exposures, you want to think about how much financial responsibility your business can afford and adjust your deductibles to the highest level you can pay in the event of a data breach.
3. Limit the Risk of Cyberattack
Cyber insurance is a good investment for mitigating the cost of a cyberattack after it has already occurred. However, taking proactive measures can significantly reduce the odds of being victimized in the first place. Insurers often reward businesses with good risk management and few claims in their history with lower premium.
4. Get Multiple Quotes
When shopping for cyber insurance, it’s smart to get at least three quotes from different insurance carriers. You can get quotes directly from carriers or through their respective agents, but you might also want to work with an independent broker. They have access to several carriers and can help you compare policy offers.
According to Jeff Somers, President, Insureon:
“Brokers also have an opportunity to steer customers toward appropriate cybersecurity software solutions and to recommend best practices with regards to information protection, network security and employee training.”Cyber Liability Insurance Frequently Asked Questions (FAQs)
The risk of suffering a data breach is much greater than most small business owners realize. If you’re not sure whether you need cyber liability insurance or which coverage is right for your business, check out the answer to two of the frequently asked questions below.
Why should I buy cyber insurance?
Small business owners face a much greater threat of data breaches and cyber attacks than most realize. Hackers often take advantage of weak security in small businesses to infiltrate larger companies. Worse? The average cost of a cyber incident is $34,604, according to Hiscox’s cyber risk report. Cyber liability insurance helps defray those costs.
What’s the difference between data breach and cyber liability insurance?
Some people use the terms data breach insurance and cyber liability interchangeably. However, data breach insurance covers your costs when your information is attacked. Cyber liability, on the other hand, covers your costs when you’re accused of causing or allowing a cyber incident for an outside party.
Bottom Line
Almost every business is a candidate for cyber insurance coverage. If your business relies on electronic data or stores client personal information, you are at risk. The cost that follows a cyberattack, plus the damage to your reputation can hurt your business. It’s wise to protect what you’ve built by investing in cyber insurance.
Whether they think they are at risk of a cyberattack or not, every business owner should speak with an expert about their cyber liability risk exposures. We recommend talking to the experts at The Hartford. They can provide your business with a free, no obligation quote in minutes.
Submit Your Comment
Disclaimer: Reviews on FitSmallBusiness.com are the product of independent research by our writers, researchers, and editorial team. User reviews and comments are contributions from independent users not affiliated with FitSmallBusiness.com's editorial team. Banks, issuers, credit card companies, and other product & service providers are not responsible for any content posted on FitSmallBusiness.com. As such, they do not endorse or guarantee any posted comments or reviews.
You must be logged in to comment. Click a "Log in" button below to connect instantly and comment.