With new data protection laws upon us, it’s concerning to find that only 1 in 5 small businesses are prepared for the new regulations. This relaxed approach can make it easier for cyber attacks and data breaches to occur. To get in the know before these changes occur, here are five things that small businesses need to know about cyber liability insurance.
There are new laws that might affect you
On 22 February 2018, the Notifiable Data Breaches (NDB) Scheme was introduced into the Privacy Act 1988 (Cth). This new law applies to small businesses with an annual turnover of $3 million or more and requires small business owners to notify the Office of the Australian Information Commissioner (OAIC) and affected individuals when a serious data breach occurs. Failure to comply with this scheme can result in fines of up to $1.8 million.
Small businesses are at high risk of cyber attacks
Small businesses often fail to implement effective measures to prevent cyber crime, which makes them easy targets for cyber attacks. This may be due to a lack of resources or infrastructure, but can also come down to the “it will never happen to me” attitude. However, given the rapid advances in technology and most businesses’ reliance on online data, cyber crime has been on the rise.
Uber recently had hackers compromise the personal data of 57 million of their users and was forced to pay the hackers $100,000 to have the data destroyed. The company then had to notify all affected individuals and implement more stringent security measures, making the whole breach a costly ordeal for the company.
Cyber liability insurance is worth the cost
The susceptibility of small businesses to cyber attacks and the costs associated with dealing with such data breaches makes cyber liability insurance a necessity in order to cover the costs associated with computer hacking and data theft. The cost of cyber liability insurance will depend on your business’s risk of a cyber security breach. The nature of your business, the number of employees and any existing protection measures already in place will be considered to determine the likelihood of you making a claim. The cost will also vary depending on the sum that you wish to insure and the level of cover that you select.
The impact of a data breach can be permanent
A small business that has its data compromised can experience permanent detrimental effects. Merely complying with the new NDB Scheme is costly in itself, as it takes time and money to identify the extent of the breach and to notify affected individuals. It will often require external professional IT support. Such an event also damages a business’s reputation and interrupts daily business activities, which can lead to a loss of earning capacity.
Businesses will also bear the cost of introducing more stringent cyber security measures to prevent the data breach from recurring. Businesses may need to update their software and implement tighter security measures to protect their online data. This process will involve educating and training employees on these new processes.
The right cyber liability insurance policy can protect your business
There are many different providers of cyber liability insurance that can offer a wide range of cover options. This means it’s important to compare the different offerings to ensure that you are selecting the cover that best suits your business’s needs.
First party coverage usually includes cover for business interruption, theft of data, data recovery pursuits, extortion and crisis management. Third party coverage usually covers fines and penalties, litigation expenses and notification costs. Many insurers will also implement strategies within your business to minimise the chance of any hacks occurring. If your business already has such strategies in place, this can reduce the cost of your premium.
With advances in technology outpacing the law, the legal challenges that the Internet brings are not able to be immediately addressed by regulations. This makes cyber liability insurance an important consideration for small businesses, to mitigate the risks associated with performing business operations online.