Women OnComputer Professional 792x792
Return to Insights

Why cyber insurance is important for small businesses

Roughly 43%1 of all cyberattacks are aimed at small businesses. Why? Because these operations often have less security in place than larger companies, which makes them easier targets. In fact, only 14%1 of small business owners say they are adequately prepared to defend themselves.

When attacks against unprepared businesses occur, the financial impact is often significant, and many owners must choose between their life’s savings or their life’s work to move forward. Sadly, roughly 60% of small businesses that fall victim to a data breach or cyberattack go out of business within six months2.

This all makes having the proper cyber insurance critical. Thankfully, with some preparation, a sound plan and an insurance advisor reviewing these risks with you, you and your business can be protected.

Consider a standalone cyber policy

Cyber insurance has gone from an obscure coverage to an increasingly common policy in less than a decade. If you ask business owners today if they have cyber coverage, many will say, “Yes, we have something” or, “We’re covered.” However, having something and being covered aren’t necessarily the same thing. Most packaged or multiple-line commercial insurance policies now include around $10,000 to $50,000 in cyber coverage, but when the average cyber breach costs a business over $200,0003, this coverage alone does not equate to being fully covered.

A standalone cyber policy is the best option to ensure you have a higher amount of coverage and a broader range of protection than what’s included in a packaged policy. This type of policy also provides access to expert resources who will guide you through exactly what needs to be done to comply with state cyber regulations, as well as financial support for legal fees, customer notifications, and costs to get your system back up and running.

A full range of support

Standalone cyber policies should cover both your liability as well as any regulatory damages stemming from a cyberattack. Your advisor and insurer, as well as a data breach coach if the insurer has one, should walk you through the incident response. A thorough response generally includes managing logistics, sending required notifications, working on data restoration and developing a public relations plan, among other items. Your advisor or the breach coach can also help you revamp your system’s security and conduct training with employees. This could mean setting up multi-factor authentication, for example, and talking your team through how it works.

Unfortunately, it’s no longer a matter of if someone attempts to gain access to your systems, but when. With a little prior planning on the IT side along with a robust, standalone cyber policy, you can be prepared to prevent an attack on the front end and be protected from the damages caused by a breach on the back end. Be sure to talk with a knowledgeable insurance advisor to learn all the ins and outs of this critical coverage.

1

https://www.sba.gov/blog/2023/2023-09/cyber-safety-tips-small-business-owners

2

https://cybersecurityventures.com/60-percent-of-small-companies-close-within-6-months-of-being-hacked/

3

https://www.cnbc.com/2019/10/13/cyberattacks-cost-small-companies-200k-putting-many-out-of-business.html

Kory Wermerskirchen Profile Pic

About Kory Wermerskirchen

Kory Wermerskirchen has served as a commercial insurance advisor since 2023, delivering comprehensive insurance programs to meet commercial operational risk management needs with the right balance of coverage and cost. By working with customers to first identify areas of risk and exposure, and then recommending solutions from highly rated insurance carriers with outstanding products and services, he can meet the unique needs of an operation. As a strategic risk management partner, Kory has the expertise, along with the comprehensive tools and organizational resources, to meet risk management needs for businesses and organizations. Befo...

More on Kory