Should you invest in cyber insurance? 

Cyber crime is massively on the up. So, should you invest in cyber insurance?

The short answer is almost certainly yes. But don’t go in with your eyes closed.

Here is what cyber insurance is, why it’s important, and some things to check and know before you buy:

What is cyber insurance?

Cyber insurance is a type of insurance cover designed to protect businesses from online and digital threats.

The financial cost of being a victim of cyber crime can be huge. Cyber insurance can help reduce the risks involved.

You might sometimes see this kind of cover described as “cybersecurity insurance” or “cyber liability insurance”.

Why is cyber insurance important?

1) Being a victim of cyber crime is expensive

£3.3 million was the average cost of a data breach in 2023. 

Now, that might be a figure that’s a little beyond many SMEs. Yet the cost of the average breach is on the rise – up a whopping 15% since last year alone.

2) Loss of data means loss of customers (and reputation)

It’s not just the financial cost of suffering a data breach that causes problems for victim businesses.

There’s a huge reputational cost too. Few people trust a company known to have lost the data of hundreds, thousands, or – in Sony’s case a few years ago – 77 million of its customers’ records.

3) Lost productivity or service

Picture coming into your office one morning and finding your team milling around unable to log in to your system.

You’ve suffered a ransomware attack. You won’t be able to access your system until you pay the exorbitant ransom or get a specialist in to take a look.

Perhaps you simply can’t make your system work – or trust it to do so securely – following a data breach.

Either way, this is time that your team can’t do their jobs and your customers can’t access your services. How much is that going to cost you?

(Sidenote: Sony had insurance that was later ruled not to cover their data breach. They were left out of pocket to the tune of more than a hundred million pounds.)

4) Legal coverage and costs

If you don’t have a certain degree of cybersecurity in place, you may also face heavy fines should you suffer a breach. Cyber insurance can help cover this (but shouldn’t be seen as an alternative).

On top of that, you may end up needing legal expertise to deal with the aftermath of a breach. Lawyers aren’t cheap. But the sometimes complex legal outcomes of a breach often require some.

5) Boost your security credentials

There’s a reason why so many businesses – and the UK government – insist that any company they deal with needs solid cybersecurity measures (like those outlined in the Cyber Essentials scheme).

Signposting that you have cyber insurance coverage further increases the level of trust prospective partners and customers place in you.

6) Peace of mind

Unless you have huge stacks of reserves that you don’t mind being at risk, cyber insurance gives you peace of mind that you have coverage in place in the event of a cyber-related catastrophe.

Is cyber insurance a good idea?

Cyber insurance is almost certainly a good idea in the vast majority of cases. However, not all policies are created equal.

Check if any cyber insurance policy you are considering:

  • Covers any lost Intellectual Property
  • Will offer any kind of protection against Public Relations damage 
  • Has strict processes you must follow after a breach
  • Requires you to use your provider’s preferred lawyers (assistance can be handy but restrictive)
  • Provides full protection (cyber insurance still often covers less than the cost of a breach)

The ransomware target debate

In recent years, ransomware attacks have gone through the roof in terms of numbers and effectiveness.

Some people have argued that being covered (and thus being able to secure payment funds) makes businesses more likely to be a target.

A few cyber insurance providers have reduced the amount of coverage they offer against ransomware attacks for this very reason.

But some say it’s a bad idea to give in to any demands anyway. This is for the same reason most governments don’t negotiate with terrorists – someone else may try the same thing again.

Should you invest in cyber insurance? 

It is a rare business that would not benefit from cyber insurance. But it shouldn’t be viewed as a catch-all solution or substitute for smart, cohesive, well-monitored cybersecurity practices.

If you are in any doubt, discuss whether you should invest in cyber insurance with your Managed Service Provider or in-house IT specialists. They should be able to advise you properly.

Want to talk your cybersecurity and insurance situation through with an expert?

Dial A Geek has already helped over 1000 businesses in Bristol and across the UK.

Set up a cost and commitment-free chat with Chief Geek Gildas Jones today.