Small Businesses Need Cyber Risk Insurance Too
When a big corporation like Sony suffers a serious data breach, it dominates the headlines. But small businesses are increasingly victims of data loss too. It can be as simple as a laptop gone missing from a doctor’s surgery - or as bizarre as poorly shredded documents turning up as confetti at a carnival parade.
There are very many different cyber scenarios that can end up in potentially expensive notification and response obligations.
So it isn’t surprising that demand for cyber coverage is gaining momentum in the U.S., especially in the small business marketplace. By the end of 2013, we expect half of carriers active in the small business space will either sell data breach insurance or be working on a product, compared to just a handful a few years ago.
Insurers entering the market have the choice of starting with a first-party product only for response expenses, or a combined first and third-party liability product. The market is fairly evenly split at this point, but a trend towards the all-inclusive approach is emerging. Most “main street” writers favor this Data Breach Insurance product for their customers. The full cyber product spectrum extends beyond that to encompass many more exposures - at higher limits and premium.
All insurers need to address the usual product considerations like rating methodology. But cyber cover carriers also need to look at issues special to the market, like accumulations that could arise from widespread viruses, for example. Another source of uncertainty for underwriters is vendor and third-party breaches because they are out of the insured’s control.
But perhaps the biggest challenges for everyone in this market is keeping pace with the constantly evolving legal framework and coverage offerings around cyber exposures - wherever you are in the insurance product spectrum.
Find out more on underwriting cyber risk for small businesses.