If I Don’t Sell Online, Do I Need Cyber Insurance?

You may not sell products or services online in the traditional sense – but do you still need cyber insurance?

Maybe – it depends how your business operates. If you have a website, take online payments, or store customer or employee data online, you will need cyber insurance. If your business has no web presence, and you use the bare minimum or no technology, it’s not likely you will need it.

However, as more businesses move online, it’s harder to find a scenario in which any business operates totally offline. This is why cyber insurance needs to be a consideration for all business owners, regardless of their situation.

In this article, we’ll go over these questions:

• What businesses need cyber insurance?
• What is covered by cyber insurance?
• Should my third party service provide cyber insurance?

Cyber insurance doesn’t just cover your customers’ credit card information, names, addresses and other data. It also covers data about you and your employees. Cyber insurance is vital to protect yourself and others.

What businesses need cyber insurance?

In short, if you store or process data online, your business will need some form of cyber insurance in place.

Cyber attacks are malicious attempts to steal valuable information, and should be taken very seriously. A cyber attack can be just as harmful, if not more so, than a physical break-in of a shop. Cyber criminals are after money, but also credit card information and any personal info that will help them commit crimes like identity theft and blackmail in the future.

Nearly every business these days operate online, somehow. Even a self-employed plumber, for example, may maintain a Facebook page or a website. You may also offer contactless payment via PayPal, or handle your customers’ bank transfers online.

But this doesn’t mean every single business needs cyber insurance.

Give us a ring if you’re not sure, but you’ll need to consider getting cyber insurance if your business:

• Relies on computer systems and online software
• Holds sensitive data about customers or employees (such as names, addresses and financial information)
• Has a website
• Uses a payment card industry (PCI) merchant service

You need to weigh up the potential impact of having the sensitive data your business holds leaked to the worldwide web. How many lives would that involve?

What is covered by cyber insurance?

Cyber insurance will cover you for losses your company suffers as a result of an online attack by a cyber criminal. Cyber attacks can come in the form of malware, ransomware, viruses, and any unauthorised access or data leaks. It will also cover you for information obtained via false pretences, like if someone fakes an email from a higher level asking for access to information, or if a mobile device or laptop is stolen.

Your company’s electronic records may hold names, addresses, confidential medical or employment histories, and other sensitive information about your staff or customers. Even worse, if you take payments online, credit card numbers and bank information may be accessible to hackers. Cyber insurance helps cover the cost of hiring experts and recovering such data, as well as handling regulatory fines and compensation.

Cyber criminals don’t always target large businesses: many more small and medium enterprises are victimised each year, because hackers take advantage of a lack of cyber security awareness.

Not all businesses survive cyber attacks. Either they crumble under the hefty costs of fixing the problem, or their customers’ trust is broken irreparably. When you get cyber insurance, you substantially improve your business’s chance of getting back to normal as quickly as possible.

Should my third party service provide cyber insurance?

No. If a company collects the data of its customers, e.g. credit card information, then it is the company’s responsibility to keep that data secure. Even if you store that data on a third party service, or use a third party service to process that data, it is yours and you are responsible for its safekeeping.

This is because the data would not be there if it wasn’t for you. If you use outsourced IT services or third party tools and apps, it is ultimately still data under your protection.

You could have workers managing your entire IT system from overseas, or just use a third party payment processor like PayPal or Stripe to handle online purchases: the data you hold is still your responsibility, and you need to protect it with cyber insurance.

Confused about cyber insurance? Give us a call today. Our knowledgeable cyber experts are on hand to walk you through what’s involved.