For many Small and Medium-size Businesses (SMBs), this insurance niche is still a fairly new and unfamiliar concept. Avoid the concept that you don’t need it because you pay for ‘excellent IT support.’ Any employee can be tricked into causing a breach.

In tracking the history of Cybersecurity Insurance, when it was introduced in the 1990s, it was initially formulated to provide coverage for large enterprises, covering things like data processing errors and online media.

Since that time, the policies for this type of liability coverage have changed. These days, cyber insurance policies usually cover the typical costs of a data breach, including remediating a malware infection or compromised account.

All policies vary, but generally, they will cover the costs involved with things like:

Recovering compromised data

Repairing computer systems

Notifying customers about a data breach

Providing personal identity monitoring

IT forensics to investigate the breach (separate from your own IT services provider)

Legal expenses

Ransomware payments

Data breach volume and the associated costs continue to rise. According to NASDAQ, 2021 set a record for the most recorded data breaches in a year, and breaches have continued to snowball. In the first quarter of 2022, breaches were up 14% over the prior year.

Are small businesses vulnerable to cyber attacks?

Every business is vulnerable. Small, mid-sized, or large: they are all targets. Small businesses often have more to lose than larger enterprises as well as they do not have the same ability to absorb losses. About 60% of small businesses close down within 6 months of a disastrous cyber incident.

It is not uncommon for very small businesses of less than ten employees to forego the cost of ongoing IT Support. Often, a friend or relative with a little ‘know-how’ pitches in when needed. This situation does not typically ensure the best security measures.

The changes in this type of insurance are caused by the increase in online danger and rising costs of a breach. The Cyber Insurance industry evolves in relation to the aspects of the threats and ensuing liabilities. Businesses need to keep up with these trends to ensure they can stay protected.

Here are some of the cyber liability insurance trends you need to know about.

Demand is Increasing

As documented by IBM, the global average cost of a data breach in 2022 was $4.35 million. In the U.S, it’s more than double that, at $9.44 million. As the associated costs continue to balloon, so does the demand for cyber insurance.

Companies of all types and sizes are realizing that cyber insurance is crucial to the continuing viability of their enterprise. It is every bit as important as their business liability insurance. Without that protection, they can easily go under in the case of a single data breach.

With demand increasing, look for more availability of cybersecurity insurance. This also means more policy options, which is good for those seeking coverage.

Increasing Premiums

With the increase in cyber-attacks has come an increase in insurance payouts. Insurance companies are increasing premiums to keep up. In 2021, cyber insurance premiums rose by a staggering 74%, but calmed down a bit in 2022.

This increase has been driven by the costs from lawsuits, ransomware payouts, and other remediations. Insurance carriers aren’t willing to lose money on any type of policy, let alone cyber policies, so it stands to reason that those policies will get more expensive – especially since they are more necessary now than ever.

Certain Coverages are Being Dropped

Some types of coverage are getting more difficult to find. For example, some insurance carriers are dropping coverage for ‘nation-state’ attacks - those that come from a government.

Many governments have ties to known private hacking groups – Russia is the most prolific, whereas China and the US maintain state agencies for this job. A ransomware attack that hits consumers and businesses can very well land in this category.

In 2021, 21% of nation-state attacks targeted consumers, and 79% targeted enterprises. So, if you see that an insurance policy excludes these types of attacks, be very wary.

Another type of attack payout that is being dropped from some policies is Ransomware. This is an alarming trend that any decent IT services provider should be aware of, because Ransomware has been on a dramatic rise since early 2020. Between Q1 and Q2 of 2022, ransomware attacks increased by 24%.

It is not cost-effective for insurance carriers to pay the ransom for clients. So many are excluding these payouts from policies. This puts a bigger burden on organizations. They need to ensure their backup and recovery strategy is well planned – which they should ALREADY be doing.

Qualifying is Becoming More Difficult

Just because you want cyber insurance, does not mean you are going to qualify for it. Qualifications are becoming stiffer. Insurance carriers aren’t willing to take chances. Especially on companies with a poor history of cyber hygiene. Think of trying to get automobile insurance when you’ve received ten traffic citations and caused five collisions in the last two years. Good luck with that.

Some of the factors that insurance carriers look at include:

Network security

Use of things like multi-factor authentication

BYOD and device security policies

Advanced threat protection

Automated security processes

Backup and recovery strategy

Administrative access to systems

Anti-phishing tactics

Employee security training

Often, you will be required to fill out a long questionnaire when applying for cyber insurance. The proposed insurer will specifically want to know what network security measures are in place. It is highly recommended to have your IT services provider help you with this.

As you review the questions, your IT support can identify security deficiencies and suggest enhancements (if they are worth their salt, robust defenses should already be in place). Just like other forms of insurance, if you take steps to reduce risk, it can often reduce your premiums.

It pays to do this type of security review before applying for cyber insurance, as it can save you time and money. It can also fortify your defenses against cyber-attacks.

Frequently Asked Questions

Q: What are the types of cyber insurance?

A: Just like any insurance coverage, specifics apply. Choose what you need and be sure it’s included. Wikipedia offers a simple breakdown of the different types HERE. The types include:
Network Security
Theft and fraud
Forensic investigation
Business interruption
Reputation insurance
Computer data loss and restoration
Data restoration

Q: What does cyber insurance actually cover?

A: Policies vary depending on the coverages you seek, but the key element of cyber Insurance is that it covers the customer’s cost as a result of security failures - from the actual system recovery to legal fees, fines and consumer liability. When choosing a supplemental policy, be very certain it covers you the way you expect.

Q: What is the average cost of cyber insurance?

A: It varies according to the amount/type of coverage and the state. According to AdvisorSmith, the average cost in the US is $1,485 per year. That is not so much when you look at the fines and penalties you could be facing after a breach. With a serious breach, the fines, penalties, and ensuing litigations can put even a healthy company out of business.

Q: How do I get cyber insurance?

A: Any business insurance company or broker will be more than happy to help you out. Asking your current insurance agent is a good place to start. Your agent should know your business, and an honest broker won’t load you up with coverages that you really don’t need. Many small and non-complex businesses may only need additional data breach coverage, which can typically be added to your General Liability insurance or Business Owner’s policy.

How secure is your network?

As a reputable member of the IT Support Los Angeles community since 2002, IT Support LA offers a FREE, no-risk network and security assessment. It is a non-intrusive scan that allows us to deliver a comprehensive report that is yours to keep. No strings, and no obligation to ever use our Managed IT Services.

The best defense is the best Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider (MSP) to ensure continued reliability and defenses against newly emerging threats.

With our 100% Money Back Guarantee in writing, we offer a risk-free way for prospective clients to try us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.

Need Help Making Sense of Cybersecurity Policies?

Insurance applications and coverages can be complex. If you answer wrong on a question, it can mean paying hundreds more in premiums than you should.

If you’re considering cyber insurance, give us a call and schedule a free consultation. We can explain the policy details and provide guidance.

Among the Managed IT services we provide:

IT HelpDesk Service
Onsite IT Support
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)

IT Support LA an award-winning Managed Services Provider (MSP):
o  3 Years awarded Best IT by the Small Business Expo
o  Awarded 2nd best company of any type in the US by the Small Business Expo SB100
o  Awarded Best IT in California by Channel Futures
o  Winner of Best IT Support in Los Angeles 2021 by Channel Futures
o  Listed as one of the world’s Top 501 Managed Services Providers by CRN and in the top 250 in the ‘Pioneer’ listing
o  4 years listed as one of the Top 501 MSPs in the World by Channel Futures
o  Globee 2021 Bronze Award winner for Chief Technology Officer of the Year
o  Globee 2022 Gold Award winner for Chief Technology Officer of the Year
o  Named one of 2022’s 50 ‘Best’ businesses in California by UpCity
o  Named Best of IT winner for 2021 by UpCity
o  Winner of Local Excellence Award for 2021 by UpCity
o  Named Best of Cloud Consulting winner for 2021 by UpCity
o  Certified as Top MSP and Cybersecurity Pro for 2021 by UpCity
o  Named Best IT Support in Los Angeles for 2021 by

For more information, or to receive your FREE no-risk network and Cybersecurity assessment, just fill out the form on this page or call us at: