Almost every company relies on computer systems for some aspect of running their business whether it’s customer data storage, office applications, payroll or email. As our reliance on technology increases so too do the associated risks.
Call us today:
0345 894 4685
Our cyber liability insurance is designed specifically for professional firms to help you manage and control the impact of a cyber breach and get you back to business as usual.
As well as protecting you financially if someone brings a claim against you arising from your use of the internet, email, intranet, extranet or your website, our cyber liability insurance can cover loss of customer data and the consequential losses and fines that may arise from this.
We can also cover your own IT systems if they are damaged, as well as the resultant damage to reputation and potential loss of profits associated with a cyber breach.
To find out more about cyber risks and how to protect your business, click the links below.
Businesses face a range of cyber risks including but not limited to:
The average cost of a cyber attack (per record) is:
Therefore the total direct loss from a data breach per record in the UK is £71.
Source: 2010 Annual Study: UK & US Cost of a Data Breach by Ponemon
Loss or damage to digital assets
If you suffer loss or damage to data or software programmes, costs will be incurred in restoring, updating, recreating or replacing them.
Non-physical business interruption and extra expense
A cyber attack that prevents your company from trading would inevitably result in a loss of income whilst you cannot carry out business as usual.
Years of good work could be damaged by just one incident that sours your customers view of you as a business, meaning a loss of customers and subsequently income.
If you suffer a security breach on your network, transmit any malicious code, or if you breach any third party or employee privacy rights or confidentiality, you may be subject to defence costs and/or civil damages.
If you are investigated by any regulator as a result of the above, you will face investigation and defence costs, as well as potential fines. In the majority of cases, responsibility is on the data owner (you), rather than any data processor you may outsource to.
There is sometimes a legal or regulatory requirement for you to notify the individuals affected by the security or privacy breach, in which case you may be subject to legal, postage and advertising expenses.
Cyber risks are a fact of life in a world of data and information systems. Any company dealing with electronic data whether it’s on mobile devices, computers, servers or on websites face such risks. Whilst the risks remain the same, often the vulnerability to those risks differs depending on the size of the business.
Common misconception: small equals safe
The 2011 small business study by the National Cyber Security Alliance found that 40% of all cyber attacks are directed at firms with fewer than 500 employees.
Open to attack
Smaller businesses may have less robust security and no audited response initiatives (perhaps seen as too costly). They often present opportunistic targets and criminals may use them as a backdoor means of attacking larger organisations.
Vulnerable to damage
Smaller companies may have no access to forensic, legal and PR experts after a security failure. As a result loss of revenue, inability to cover operational expenses and reputational damage can be devastating for them.
Large companies with more data means that breaches can lead to more records being stolen and more costs to manage the loss. They are also more susceptible to third party and shareholder class actions.
Harder to track
Monitoring employee activity, tracking stolen and lost hardware and the corresponding theft of proprietary information is much harder in large complex organisations and data breaches can take much longer to resolve.
Scenario: An employee of a business was driving to work, when he stopped at a junction. A thief reached through an open window and stole his briefcase, which contained a hard-drive with a database of 250 client details including names, addresses, contact numbers, dates of birth, nationalities and passport numbers. The hard-drive was password protected but was unencrypted. The business owner voluntarily notified the Information Commissioner’s Office (ICO) of the breach.
Outcome: Despite the business owner being the victim of theft, the ICO considered that he failed to take appropriate measures to secure the data held on the hard-drive. The business owner should have encrypted the data and placed the briefcase in the boot of the car.
The ICO found that the data subjects could suffer substantial distress knowing that the data has been disclosed to unknown third parties and fined the business owner £5,000 (a reduction from £70,000 in recognition of the business owners voluntary notification).
If your insurance is not yet due for renewal and you would like us to contact you closer to the time
|Cyber liability - what's the risk to your business?||PDF document - 274.4 KB - 05/09/2019|
|Cyber liability - understand the threats||PDF document - 241.7 KB - 12/09/2019|
Call us today:0345 894 4685
Monday to Friday 9am - 5pm
It is thought that, worldwide, one PC is infected every 4.5 seconds.