It's important to get the details right when you're talking about how to protect an IT business. For example: did you know that there are different kinds of cyber liability and different insurance policies to cover each?
The cyber liability that most IT professionals are exposed to is called "third-party cyber liability." Here's what you need to know to keep your business out of lawsuits.
Third-Party Cyber Risk vs First-Party Risk: Which Risk Does Your IT Company Have?
There are two kinds of cyber liability:
- First-party cyber liability: the liability a company has for data stored on its own network.
- Third-party cyber liability: the liability an IT company has for a client's data when it is stored on the client's or a third-party network.
If you're like most IT business owners, you have primarily third-party data risk. You probably don't store much private data on your network, but you provide IT solutions that work on a client's network and could expose their data. But your liability doesn't end there. You might also be responsible for data when it's hosted on cloud storage and third-party networks as well as when it sits behind your clients' firewalls on their networks.
Most IT companies don't store private data on their own networks and typically don't have much first-party liability. But some IT companies, such as web hosts and data analysts, do have significant first-party risk because they host clients' private or financial data on their servers. These companies are responsible for protecting client data and can get insurance for hacks, outages, and cyber-attacks on their own networks.
Now that we've gone over the two kinds of cyber risk IT business have, let's look at which insurance covers each risk.
How Errors & Omissions Insurance Covers Third-Party Cyber Liability
IT Errors and Omissions Insurance covers your lawsuit expenses after data breaches or cyber attacks on client networks.
Say an IT contractor sets up an ecommerce site for a client. They use a third-party service to manage the site's transactions. However, this third party is hacked, exposing the client's customer data. In this situation, the IT contractor can actually be sued for recommending the ecommerce service. Fortunately, E&O Insurance covers the IT contractor's liability, paying for the lawsuit if the client sues them.
Cyber Security & Insurance: Do IT Companies Need Cyber Liability Insurance?
Though Cyber Liability Insurance (also called Data Breach or Cyber Risk Insurance) sounds like an insurance policy that IT professionals need, most IT professionals probably don't need to purchase it as a standalone policy. Cyber Liability Insurance only covers first-party liability — it pays for the cost of data breaches on your company's own network.
As we said above, most IT professionals don't have significant first-party risk. You likely don't store enough private data on your network for this coverage to be practical. But it can make sense for web hosts, DBAs, or big data analysts that work with customer data on their own networks.
Cyber Liability Insurance covers the main aspects of a data breach response, including…
- Credit monitoring for people affected by the data breach.
- Data breach investigations.
- Crisis management.
- Call center / customer contact expenses.
CL Insurance also covers cyber extortion expenses. Say a web host is threatened with a DDoS attack. If cyber criminals demand a ransom before relenting, Cyber Liability Insurance can cover the cost.
Even if this coverage doesn't make sense for your company, it's important to understand how it works because clients might want to purchase it for themselves. Cyber Liability Insurance can be a smart investment for your clients who want more data security. Law firms, investment companies, and healthcare companies have greater cyber risks and often want more protection.
What to Expect from Cyber Insurance Costs and Coverage
The cost of IT insurance depends on the type of IT work you do and how big your company is. To get an accurate cost estimate, fill out our online insurance application and receive free IT insurance quotes.