Cyber-risk business insurance

Find out how to protect your business from cyber-attacks and viruses with our helpful guide to cyber risk insurance

Key points

  • Cyber risk insurance can cover you for damages from cyber attacks
  • There are two main types of cyber insurance
  • Educating your team on cyber security will help to protect against attacks

We rely on the curious world of the interweb for most of our entertainment - sharing funny memes, watching cat videos. That sort of thing. 

But when it comes to business, any form of Information Technology (IT) needs to be taken quite seriously.

Take your fun hats off. It's time to get real.

According to government statistics, 46% of UK businesses have been hit by at least one cyber-attack or security breach between April 2016 and April 2017. 

With almost half of UK businesses affected in the last year alone, it's really important to have the right measures in place to protect your business. Cyber risk cover can protect you if you're a victim of: Briefcase

  • A data breach
  • Malware
  • Email scams
  • Network failure
  • Theft
  • What is cyber risk insurance?

    Cyber risk insurance will compensate you if your IT systems or networks fail or are hit by a cyber-attack.

    It can cover you for any income you've lost due to the interruption as well as any repairs that need to be made.

    Shockingly, over a quarter of British businesses are not protected against cyber-attacks and could be missing out on income if they were to be targeted.

    Being hit may also damage brand reputation and leave customers feeling vulnerable - people want to feel like their information is safe in your hands.

    However, by dealing with the situation in the right way, you can work on earning your customer's trust back while your insurer helps you to get back on your feet.  

    Do I need cyber risk insurance?

    Did you know...?

    • The 2017 WannaCry ransomware attack affected more than 150 countries
    • Businesses that hold electronic personal data on customers are more likely to have had breaches[1]

    All businesses that use IT of any kind should have cyber risk insurance in place, especially if they hold sensitive customer information or process card payments.

    Even if your business is small, your software and equipment are still vulnerable and should be covered by a good cyber risk insurance policy.

    As well as making sure you have your own protection in place, you should also ask your suppliers to meet your standards of cyber security. 42% of publicly traded growth companies in the UK currently fail to do this and are therefore leaving themselves susceptible to any threats that their suppliers face.[2]

    Types of cyber policies

    There are two main types of cyber-risk insurance policy.

    First party cyber risk insurance

    First party cyber risk insurance will usually cover you for anything that directly impacts your business due to accidental damage, system failures or a cyber-attack. Laptop

    This can include:

  • Business interruption resulting in loss of income
  • Communication interruption if emails are unable to be accessed
  • Damage to digital and physical assets
  • Damage to reputation
  • Theft of money or data
  • Third party cyber risk insurance

    Third party cyber risk insurance will cover any damage to other companies' as a result of a breach to yours.

    This can include:

  • Privacy breaches
  • Costs relating to defamation
  • Virus or malware affecting other companies through yours
  • Dr Ben Silverstone, lecturer in postgraduate computing at Arden University, points out the importance of taking reasonable care when seeking out cyber risk insurance.

    "Just like insurers require car owners to keep valuables out of sight in order to validate a claim, organisations will need to demonstrate that they are also taking proactive steps to mitigate risks," he says.

    "A large part of this mitigation will come in the form of policy and guidance. Acceptable user policies that are permissive, but strong, will enable employers to demonstrate that they are putting in place measures to help prevent cyber risk within their organisation."

    Maximise your security

    It's easy to get caught out by a dodgy email or fall victim to malware.

    Although some instances are unavoidable, there are steps you can take to minimise your chances of being struck down by a virus or cyber-attack.

    Sarah Adams, senior account executive at PolicyBee, says: "Keeping your people cyber vigilant is essential to protecting your business, so make sure you do regular, structured training and keep the conversation going. It's all about being risk savvy."

    She adds, "Having cyber insurance helps you to move fast, to get your systems and your business up-and running again quickly. You don't have to deal with a malware problem - or any other cyber-attack - on your own. A specialist insurer not only has the money to sort out these situations, it has the time and the expertise too."

    By Alice Morgan