Like most businesses in today’s fast-paced digital economy, you are probably relying more and more on computers and servers as the primary means of storing important client information. Not only is this unavoidable in most businesses, it also saves time, space and effort over the paper files of yesteryear. But progress always comes at a cost. In the case of digital records, the cost for business owners involves the potential exposure to cyberattacks.
But using professional liability insurance to cover cyber liability claims can be an expensive choice. First, you erode your limits. You also create a claim against your professional liability policy. And that increases your rates.
You’ve got three choices for covering a cyber claim:
According to Forbes, the average cost of a data breach is $3.86 million dollars. Why is this average so high? It comes down to the number of individuals who can be affected in a single cyberattack. Think of each personally identifiable record you have for both prospects and clients. This includes ANY record with one or more of the following:
A recent Digital Guardian report estimates the average cost of a data breach at $150 per record. This means that if you had twenty thousand records in your database the average cost of a cyber breach would be approximately $3 million dollars.
Add to that the remediation requirements. For every personally identifiable record compromised in a data breach, you are obligated by law to notify each client affected and provide ongoing credit monitoring services for every single individual at risk of identity theft. The costs of a data breach could be crippling to a small business.
Cyber liability self-assessment
The best way to protect your business from a potential cyberattack is to create safeguards that can reduce the chances of an attack occurring. These practices should be the first-line defense of any business:
While these measures can help prevent a cyberattack, it still makes sense to plan for large financial exposures in case prevention fails. If your systems were hacked, how would you pay for the breach? We’ll explore 3 options to help you decide which path towards cyber protection makes the most sense for your business.
To decide how much you need to have in reserve to self-insure for a cyberattack, one of the first questions to ask yourself is how many personally identifiable records you have. For businesses that have been around for any length of time, it would be reasonable for a database of prospects and clients to contain tens of thousands of records.
Going back to the Digital Guardian estimate of $150 per record, if you had twenty thousand records in your database the approximate cost to cover a cyber breach would be $3 million dollars. Do you have that amount of cash saved to cover a possible data breach? If not, you may need insurance to adequately protect your business.
Many professional liability insurance policies do contain some form of basic cyber liability coverage. A common practice for insurance carriers is offering additional cyber coverage to a professional liability policy in order to make the policy more attractive to a potential buyer. This option may work for you, or it may not. There are a couple of caveats to consider.
The first is that if you rely solely on a professional liability policy for your cyber protection, you are essentially overpaying for cyber insurance. Why? Because the cost of a standalone cyber liability policy is significantly less expensive than adding to a professional liability policy in most cases.
The second is that relying on professional liability insurance to cover a cyber breach puts you at risk of exhausting the available coverage on your professional liability policy. This “kicking-the-can-down-the-road” strategy puts you in danger of eroding your limits of liability.
For example, say that you have a $500,000 professional liability policy and use it to pay remediation for a cyberattack costing $450,000. This leaves you with only $50,000 in coverage for any future claims to cover exposure from malpractice, frivolous lawsuits, or simple errors that may threaten of your business.
Many firms decide that a less-expensive, standalone cyber liability policy makes more financial sense both in the short run and the long run.
If you have made the decision that a potential cyber liability exposure is simply too large to ignore, a standalone cyber liability policy can provide an affordable complement to your existing coverage(s).
A cyber liability policy should match your practice and unique needs. This may include the number of records and the amount of cyber exposures you have. The policy should be able to grow with you and your business as your needs change and grow.
Specific coverages to consider as you explore cyber liability insurance policies include:
Additional coverages, benefits and endorsements will typically be available depending on the type of cyber liability policy and the insurance carrier who underwrites the policy. This will allow you to customize a policy to fit your specific needs and budget requirements.
The potential costs of a cyber breach could be catastrophic for any business. That’s why best practice is to mitigate the potential exposure of a breach through the use of a cyber liability policy. This will allow a business to affordably cover their digital exposures while also protecting professional liability policy limits for any future malpractice claims.
Cyber Liability Self-Assessment
Key Questions To Ask When Shopping For Professional Liability Insurance
Price vs. Value: Making Informed Choices When Shopping for Lawyers Professional Liability Insurance
Make informed decisions when it matters most by knowing how to handle a malpractice claim, when to report it to your carrier and how prompt reporting impacts both your practice and the insurance carrier.
If you own a business, you are a target. Cybercriminals are vicious and no one is immune. Protect your law firm and your clients with Cyber Liability Insurance.
Subscribe to our monthly newsletter to receive loss prevention tips & advice, CLE webinar invites, our latest blog articles & more.
