Most people never stop to think about the benefit of cybersecurity insurance. But with cybercrime on the rise, businesses of every size are exposed — even freelancers. Whether you collect payment information from your clients or keep protected client intellectual property on your mobile devices, a data breach can prove disastrous for your business.
Recently, I heard the story of another freelancer who managed several customers’ billing via an online platform. She invoiced monthly for a set retainer against credit cards stored in the system. Her account was compromised, and the hackers charged tens of thousands of dollars against her client’s credit cards before the breach was discovered.
While the payment platform reversed the charges, the designer lost clients due to the breach, and it cost a significant amount of time and stress to resolve the issue. When she talked about her experience and how it prompted her to invest in cybersecurity insurance, I began my own due diligence.
Understand the Current Cybersecurity Landscape
PricewaterhouseCoopers estimates approximately one-third of businesses today have some type of cybersecurity insurance policy, with premiums reaching $7.5 billion dollars by 2020. The risks to small businesses are immense, because hackers, viruses and individuals specifically target them to steal payment and personal information.
These crimes are on the rise, and it’s estimated that 43 percent of attacks target small businesses. You’ll likely face a cybersecurity attack in the future, if you haven’t already. Your data may even be compromised right now, and you’re just not aware. What risks are on the rise today, and how can you identify them?
- Viruses: Viruses and other malicious events are designed to take your systems offline and can disrupt your business, as well as expose sensitive information.
- Targeted hacking: Targeted hacking occurs when individuals breach your security system with the goal to steal payment or customer information, sensitive documents or any other details within your network.
- Ransomware: Ransomware attacks occur when someone in your organization clicks a link and introduces malware into the network. Your data — such as on a computer, phone or server — is encrypted, and a ransom is demanded. Until the ransom is paid, you’re unable to access your information.
- Whaling: These sophisticated attacks involve criminals who use social engineering (learning about your company and team) to mimic an internal request and get an employee to transfer money or sensitive data.
Today’s cybercriminals are incredibly sophisticated, and the threats are constantly evolving. As a freelancer, you might be exposed in any number of ways, from clicking on an attachment that deploys malware to weak passwords.
What Does a Cybersecurity Policy Cover?
A cybersecurity policy protects your business in the event you’re hacked. For many freelancers, a data breach can bring your business to a grinding halt. Plans provide coverage for issues, such as:
- Lost sales and income, while the data breach or hack is fixed
- Costs associated with notifying customers, often required by law
- Investigations to verify a breach, as well as the extent and what information is compromised
- Covering time for third-party firms conducting forensic investigations to coordinate with law enforcement where required
- Credit monitoring services for individuals impacted by the breach
- Lawsuits and damages associated with the loss or exposure of privileged information
- Ransomware demands, where hackers try to extort money from you
Determine If It’s Worth It for You
Every business owner needs to decide whether a cybersecurity policy is right for them. Personally, with the increase in hacking, I began to think about the potential damage that could happen to my own financial stability and my long-term business, if I was hacked without protection. Looking for a policy is simple; consider starting with your existing broker or one of the major insurance providers. Some questions to ask include:
- Are the policies stand-alone, or are they available as part of your existing liability policy?
- Does the policy cover both first-party and third-party breaches? Generally, if you store customer information in the cloud or another third-party system and there’s a breach, you’re legally responsible.
- What are the annual policy premiums and deductibles for any incidents that occur?
- Are there limits per incident or a lifetime maximum on the policy?
- What types of attacks does the policy cover? For example, are whaling schemes, malicious acts by a vendor or generalized breaches covered?
- Are there time frames for what breaches might be covered?
As you conduct your cost-benefit analysis, think about your business model. If you store customer payment information or sensitive intellectual property, this level of protection is worth the investment. Look at the total cost in relation to your budget, and consider how it can fit in with other steps you take to protect clients, such as working with trusted vendors and investing in security software.
Before choosing a policy, shop around: There’s significant variability among providers, premiums and plans. If you determine you’re at risk and a liability policy is within your budget, the peace of mind an investment brings may be the most important benefit of cybersecurity insurance.