This Article Highlights:
- What cyber liability insurance is and key coverages
- Cost of cyber liability coverage
- How brokers can sell cyber coverage to hospitality clients
In 2022, a panel of risk management experts declared cyber incidents the biggest threat to businesses worldwide. It beat out natural disasters (25%), pandemics (22%), and even supply chain disruptions (42%). It’s no wonder that 75% of businesses today have cyber liability insurance to protect themselves in case their businesses fall victim to shady characters online.
Many business owners who remain uninsured do so because they don’t understand the risks involved. One CNBC poll of small businesses found that 56% thought it was unlikely they would be victims of cybercrime in the next year, with 24% saying they weren’t concerned about it happening at all. However, it does happen — and often. In 2019, Verizon found that 43% of cyber victims were SMBs. With the average data breach costing $4.24 million, it’s essential that businesses of all sizes have insurance to provide coverage against this threat.
Despite the obvious dangers of cybercrime, it’s difficult to persuade business owners that they should pay more insurance premiums for a threat they can’t see. The best way to overcome this hesitancy is with facts. This rundown will explore how little cyber liability costs compared to a breach, what it covers, what benefits it brings, and tips for convincing recalcitrant business owners to get coverage.
What is Cyber Liability Insurance?
Cyber liability insurance is an insurance package designed to protect businesses from the costs of cybercrime. It provides insurance coverage for things like lawsuits due to stolen records, the costs of notifying affected parties, and potentially the PR costs of reassuring visitors that their data is safe in your hands. Cyber insurance also kicks in when an attack freezes a company’s systems. This includes the cost of fixing the cyber interruption and lost profits due to the outage.
Cyber insurance also helps companies mitigate the costs of cybercrime. For instance, Distinguished’s Cyber Liability Coverage includes access to a specialized breach response team that can help diagnose where the data leak is in your system, so the scope of the damages is narrowed as much as possible.
Why is Cyber Insurance Important for the Hospitality Industry?
Although any business with a digital presence should have cyber insurance, the hospitality industry is especially vulnerable. Businesses like restaurants and hotels deal with large numbers of clients and often process payments through online portals or with credit and debit cards. Compared to other industries like finance, they’re less likely to have robust security protocols or training. All of this makes hospitality targets favored victims of cybercriminals.
The costs of these attacks are also very high for an industry often living on small margins. According to IBM Security, the average price of a data breach for the hospitality industry is about $3.03 million. A good cyber insurance package designed for hospitality businesses can help mitigate cybersecurity risks and cover the costs of these attacks.
Cyber Liability Coverage
Compared to other kinds of insurance policies, there is more variation in the market on what is and isn’t covered by a standard cyber package. However, here’s a general overview of what most policies will and won’t cover.
What Does It Cover?
- Cyberattack costs: Direct costs associated with being the victim of a cyberattack, including theft of funds, extortion, and phishing schemes.
- Response costs: Costs associated with responding to a cyberattack, including forensic, legal, and privacy breach management costs.
- System costs: Costs associated with repairing systems after an attack.
- Business interruption: Costs of a business being put on hold due to the attack.
- Media costs: PR expenses to help protect a brand after a breach.
- Liability costs: Legal fees and regulatory fines caused due to an attack.
What Doesn’t It Cover?
- Hacks by foreign governments or terrorists: Most policies will not cover businesses if these kinds of state actors are behind the attack.
- Betterments: Most policies won’t cover the costs of improving your cyber security systems after a breach.
- Value lost due to intellectual property theft: If a company loses value because it lost control of intellectual property, that loss of value is not covered.
Other Cyber Insurance Benefits
- Access to a breach response team: These experts can help you pinpoint where your system has been compromised, then give you advice on how to mitigate your exposure.
- 24/7 hotline: Businesses always have access to advice whenever an attack is discovered.
Cost of Cyber Liability Insurance
The cost of cyber liability premiums has been going up as attacks become more and more commonplace. That doesn’t mean that cyber insurance is necessarily going to break the bank, though. The cost of cyber liability packages varies a lot, anywhere from $500 to $5,000 annually.
Factors that determine the cost of a cyber liability insurance policy include:
- Policy details like coverage amounts
- Current network security and risk factors
- The industry the business is in
- History of cyber claims
- Types of data stored
With Distinguished’s cyber liability coverage, premiums start at around $528 a month. Insurance coverage goes up to $1 million, with higher coverages available if you need them.
It’s important to remind clients that the sticker price isn’t always the most important factor. It’s what you’re getting for that price. With the cost of cybercrime being so high, it’s important your clients get covered for everything their business needs, and sometimes that requires higher premiums.
If you want a quote customized to your client’s needs, you can get one quickly with Distinguished. Simply register your brokerage, fill in your client’s information, and you’ll receive a quote in about 24-48 hours.
How to Sell Cyber Insurance
Selling cyber insurance requires many of the same skills that selling any other package does: communication, persuasion, and trust-building. However, cyber insurance is slightly trickier because cybercrime is less obvious. Business owners naturally understand the dangers of fires or floods. They also have a general understanding of how at-risk they are. For instance, a restaurant built beside a river can see that threat and plan accordingly.
With cyber insurance, it’s your job to not just sell the insurance itself but also to explain what the risks are and how threatened a client’s business is. You can do this by understanding what drives people to buy cyber insurance, pointing out common vulnerabilities in businesses like theirs, and giving examples of companies affected by these attacks.
Know the Winning Arguments
Not all arguments for cyber insurance hold as much weight as others. Luckily, there’s data to help you decide on the best arguments to convince your clients. According to a 2019 CIAB report, the top three reasons SMBs decided to get cyber insurance were:
- Risk transfer (43%)
- Contract compliance (21%)
- Post-breach resources (20%)
For larger businesses, the difference was even starker:
- Risk transfer (64%)
- Contract compliance (11%)
- Post-breach resources (11%)
Take this as a guide for what you should emphasize in your pitch. Transferring risk to an insurer is the top reason, and that should be emphasized. However, adding in the importance of contract compliance and post-breach resources that many businesses won’t have access to also holds some water.
Educate Clients About the Risks and Threats
Explain to your clients what risks are inherent to their business. For instance, ask them what kinds of personal data they store or work with. The more personal and important data they have, the higher their risks. This can include the obvious like SSNs or banking information and the more mundane like phone numbers, names, and email addresses, which can be used for phishing schemes.
It can also help to outline the kinds of cyberattacks that are commonplace today. These include:
- Malware: A software intentionally designed to damage a computer, server, or computer network. Cybercriminals can use a computer infected with malware for several purposes: to steal confidential data, cause damage to data, or use the computer to carry out other criminal acts.
- Ransomware: A type of malware used to extort money by encrypting a victim’s data and then holding it for ransom.
- Phishing: An attempt by an individual or organization to gain private information, like usernames, passwords, or financial details by tricking a target into sharing this info.
- Denial Of Services (DoS): A cyberattack where the perpetrator tries to overload a network and force it offline by flooding it with requests.
- Business Email Compromise (BEC) Attacks: A scam email that looks like it came from a legitimate and known source. For example, a criminal impersonates a vendor that a company regularly deals with and sends an invoice with an updated mailing address for payment. The criminals use slight variations on legitimate addresses (such as email@example.com vs. firstname.lastname@example.org) to fool victims into thinking fake accounts are authentic.
To learn more, take a look at the U.S. Small Business Association’s guide to cyber security.
Give Clients Real-Life Examples
It’s not hard these days to find examples of businesses in the U.S. falling victim to cyber-attacks. Your clients should know that businesses just like them are being attacked every day through examples that hit close to home. Generally, these stories should be from trusted sources in the same industry and show the risks your client could face if they’re uninsured.
Some examples of what you could look for include:
- Local Chipotle restaurants hacked with credit-card stealing malware
- McMenamins targeted by a ransomware attack
Both of these are local establishments in the U.S. that were successfully targeted by hackers. They are recent stories and can highlight the risks all businesses face in today’s internet age.
The Benefits of Cyber Insurance with Distinguished
Distinguished offers a complete standalone cyber insurance package specifically tailored for the hospitality industry. Not only is our cyber liability package competitively priced, but it’s also provided by Beazley — a leader in cyber coverage. This way, your clients know that their restaurants, casinos, or hotels are completely covered at the best possible price.
Register your Agency
Learn more about Distinguished Programs
Contact Distinguished Programs