On March 22, 2018, the city of Atlanta’s website was hit by a ransomware cyberattack. Residents couldn’t access online applications or pay water bills and parking tickets. Court proceedings were cancelled. An estimated ten years’ worth of documents, including police dash cam recordings, were lost. It was five days before city government employees could turn on their computers. The city may spend more than $10 million to fully recover.
Whether you run a city, a multi-million-dollar corporation, or a small mom-and-pop business, you’re susceptible to cyberattack. According to the U.S. Council on Economic Advisors, malicious cyberattacks (deliberate attempts by an individual or organization to breach another’s information system) cost the U.S. economy between $57 billion and $109 billion in 2016. Former Cisco CEO John Chambers once observed, “There are two types of companies: those that have been hacked, and those who don’t yet know they have been hacked.”
How cyber insurance can help
Cyber insurance doesn’t prevent cybercrime, but it can protect you and your business after a security breach.
A good policy can cover:
- Costs of a forensics investigation to determine the type of attack and how to repair it.
- Monetary losses due to network downtime, data recovery, crises management and reputation repair.
- Lost income (net profit before taxes) that a business suffers due to interruption or degradation of service, or for the failure of your computer system caused by a network security failure.
- Reasonable and necessary expenses paid for, or incurred by, your business as a result of a cyber incident.
- Data breach notification costs and credit monitoring for affected customers or employees.
- Lawsuits and costs incurred in investigation and legal defense, including monetary amounts you’re legally obligated to pay on account of third-party liability claims against you and your business. These claims may arise from actual/alleged failure of network security or you/your business’s actual/alleged failure to protect personal, protected or confidential or proprietary corporate information.
- Extortion threats, ransom payments and directly related expenses as a result of: a threat to bring down a network; to alter, corrupt or destroy digital data; to restrict or inhibit access to you or your business’s computer system; or to release or destroy sensitive, confidential information.
Cyberattacks aren’t going away; in fact, they’re becoming more complex and affecting businesses of all sizes. Be prepared and know the contractual requirements and legislation around managing cyber risks.
Contact your Sapers & Wallack/Hilb Group of New England advisor today to learn how cyber security insurance can protect you.