Today, cyber security has become a fact of life. It’s no longer an ambiguous concept or a trendy buzzword but rather a very real (and exponentially costly) threat to organizations across the board. In fact, according to IBM’s 10th annual “Cost of Data Breach Study,” the average total cost of a data breach reached an all-time high of $3.8 million in 2015—a 23 percent increase from 2013.
Over the years, cyber security has become less of an uninsurable risk and more of a likelihood that every organization should have a right to protect itself from. In fact, research shows that U.S. businesses spent more than $2 billion on insurance in 2014 due to security breaches that impacted high-profile brands like Home Depot and Target.
There’s no denying that cyber threats have become a hard reality for organizations today. So, how can businesses better manage the risks related to a data breach, as well as reduce the costs associated with them? To this end, cyber insurance—a method of cyber risk management through insurance coverage—has emerged as a new-aged form of protection that is picking up speed.
Cyber insurance can include protection against everything from identity theft to compromised data records to costs associated with a damaged company reputation. Perhaps one of the greatest drivers for investing in cyber insurance is mandatory data breach notification regulations, which can be very costly for organizations (currently, 46 of the 50 states have these regulations in place). In this sense, insurance aids with the cost of informing affected users or customers of a data breach (consider Target’s 2013 breach, which affected more than 40 million customers).
Cyber insurance clearly has its benefits, but is a cyber insurance policy necessary for every organization? In April 2016, the Fourth Circuit Court of Appeals ordered that insurance companies must cover data breaches under commercial general liability (CGL) insurance policies. The order was part of “Travelers Indemnity Co. of America v. Portal Healthcare Solutions, LLC.,” and it could have a massive impact on organizations’ cyber security plans moving forward. Essentially, the ruling means that any company with a CGL policy has the potential to have cyber security coverage included.
In any event, it’s a step in the right direction to see insurance finally gaining traction among businesses and cyber threats today, and it’s important that business leaders explore their options.
At VoIP Innovations, we know first hand the impact that cyber attacks can have on a business. To see what we're doing in our wholesale VoIP BackOffice to protect our customers even further, try out a Free Trial today.