What is Personal Cyber Insurance?
Summary: What is personal cyber insurance coverage, and why do you need it? Find out what it can cover and whether you should add it to protect against losses from a cyber attack or data breach.
How Much Cyber Insurance Do I Need? Loss Potential
The expanded remote work environment has led to unprecedented cybercrimes against individuals and businesses large and small. Some cyberattacks have been so pervasive and costly that there has been significant growth in the cyber insurance market. Personal cyber insurance generally covers the costs of attacks such as ransomware, fraud, identity theft and cyber-bullying (a recent addition). In some markets, insurance companies now offer cyber insurance as an add-on rider to homeowners' policies. Some specific protections include:
- Ransom Payments – When a hacker takes control of your computer system and demands a ransom to free up your data or threatens to release it, the financial exposure can be devastating. Ransoms often increase in price the longer they are unpaid, so if you can’t get cyber security experts to unlock your data, you may have to consider paying up. Even after paying, there is no guarantee the hacker will release the data or sell your private data. However, a solid cyber insurance policy might be the best way to minimize your data loss, time and money if you must pay. These policies also cover the legal fees paid to deal with the fallout of such an attack.
- Monetary Exposure – If your private financial data has been hacked and you face fraudulent charges to your debit card, checking account or credit card, many cyber insurance policies will cover any related losses.
- Phishing Scams – If your identity is stolen or you have been tricked into sending money through a phishing scam email, you can be covered for that loss.
- Reputation Attacks – If your identity is stolen and the hacker uses it for criminal or erroneous acts and your reputation is damaged or you have lost income, some cyber insurance policies will cover those costs too.
Do I Need Cyber Insurance?
It depends in large part on your cyber behavior and what type of data you store. If you are diligent about using the latest cyber security best practices, you already reduce your risk of an attack. Keeping passwords and private information safe is an ongoing task that requires serious attention, whether you are a personal user or own a small or midsized business (SMB). However, if you have already fallen victim to cyberattack attempts or someone connected to your network has, it is a good idea to purchase a policy.
Professional services, medical offices and small manufactures are currently at high risk of attack. According to the Identity Theft Resource Center, although 47% of attacks were less than $250,000, 26% of SMB cyberattacks were in the $250,000-$500,000 range. Without cyber insurance, this type of financial hit can put small companies out of business or wipe away years of profit.
Why Would Cybercriminals Target Me?
If you just have old photos, music and recipes on your computer then you probably do not need cyber insurance. SMBs are targeted because of the valuable data they hold and their lack of robust cyber protection. Cybercriminals can resell personal and financial data multiple times on the dark web, hold data for ransom or threaten clients directly to pay ransom. If you collect and store private information that can be used in any combination for identity theft or financial theft, you are liable to protect it. Small business owners often work from home, on personal phones or share computers with family members, increasing risk. All these devices must have strong security to protect business and private data. Many cyber insurers require proof of network security before issuing policies.
How Much Basic Cyber Security Do I Need?
Before getting any cyber insurance, do your own internal analysis of your cyber security best practices. At the very least, make sure you have these items:
- Multi-Factor Authentication (MFA) – MFA is essential for protecting financial account, emails accounts and business-critical software or systems. Having a code sent to a different device or email makes hacking much more difficult. It takes a few extra seconds but provides very powerful protection.
- Password Managers – Strong, unique passwords are essential. Using a password manager helps you store and create passwords and you only need one master password to access them. It alerts you if a password is being re-used and lets you know if your password has been part of a known data breach. It can also help businesses remove access from employees when they leave.
- Security Awareness Training – Understanding how the latest cybercrime scams are conducted is essential to avoiding them. Make regular live virtual security awareness training mandatory for all employees and third-party vendors that access your network.
- Software and Operating System Updates – Developers are constantly fixing holes in cyber security related to their software. New update releases commonly contain such patches. Do not wait for a hack to update your system and software.
- Security Assessments – Conduct yearly professional assessments to look for malware and security gaps
- Antivirus Software – Use high-quality software with live security operations center (SOC) monitoring – not the free or off-the-shelf variety.
Personal Cyber Insurance: Key Takeaways
Do you need cyber insurance? It is a way to reduce risk. Cyberattacks and data breaches are very time consuming and expensive. They can shut down operations and productivity for weeks or months and make clients turn away. Basic computer security and cyber insurance is far less expensive than a cyberattack. Contact your IT technician for ways to improve device, computer and network security and then schedule a talk with your insurance agent.