Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

The value of cyber insurance for small businesses

By Linda Comerford
insurance-policy-freepik1170x658v4.jpg
May 31, 2022

Businesses of all sizes face the daily threat of falling victim to cyberattacks. While it's often more common to hear stories about the major corporations suffering from data breaches, small businesses can be easy targets to hackers.


What happens after a cyberattack?

Companies that are victims of cyberattacks need to ensure they understand how to respond properly to the incident. It's important to take action right away to help minimize the damage, including these steps:


Containing and assessing the breach

Determining what servers were compromised in the cyberattack helps to contain them as quickly as possible. It's vital to keep any other servers and devices from becoming infected or breached, and it also helps preserve critical evidence for assessing what happened and who was responsible. Contain the breach by disconnecting the internet, disabling remote access and maintaining any firewall settings. If there are any pending security patches or updates, install them immediately. Passwords should also be changed with a global password reset, and ensure all employees create new, strong passwords for each of their accounts.


Once the breach has been contained, it's important to determine the cause to try to prevent another attack from happening in the future. Determine who had access to the affected servers and what network connections were active at the time of the incident. Checking security data logs through antivirus protection software or email and firewall providers may help pinpoint where the breach was initiated. It's also important to identify who was affected by the breach and to educate employees on the company's security protocols. These steps are vital to help avoid becoming a victim of another data breach.


Utilize the data breach response plan and contact the insurance carrier

A data breach response plan helps businesses respond appropriately to a cyberattack by providing the proper procedures to take in a straightforward, documented manner. It should establish a baseline with existing security policies, which can be used as a framework for the plan. Elements of the policy generally include information on how to protect confidential data, instructions for the secure use of personal and company devices, how to detect malicious email scams or viruses, and more. These factors are all vital in helping to avoid a data breach in the first place.


Secondly, the plan should include information about what defines a data breach requiring a response, a designated response team, and the types of messaging and communication methods to be employed.


If the business has a cyber insurance policy, the carrier should be contacted as soon as possible to get the claims process started. The claims professionals are able to connect insureds with vetted vendors who are experienced in handling privacy breach incidents. By notifying right away, it can ensure that costs can be reviewed for approval by the carrier, avoiding issues with misinterpretation of what the cyber policy provides coverage for.


What does cyber insurance cover?

In this day, many, if not all, businesses utilize computers and other devices connected to the internet to complete daily tasks. While these devices certainly make doing business faster and easier, using computers and the internet brings an inherent cyber risk that can threaten a company's entire operation.


However, many businesses may not realize they need cyber insurance or may not understand exactly what it covers – one survey found that 91% of small business owners do not have cyber insurance for this very reason. It's common for small businesses to think their other policies – property, liability, business interruption – cover cyber-related incidents. Still, often those policies do not explicitly include or exclude cyber, leaving coverage in a grey area. The best way an organization can protect itself is to have a cyber insurance policy, especially considering any organization, from large corporations to mom and pop hardware stores and school districts, can be regularly hit by cyberattacks.


Cyber insurance, or cyber liability insurance, often provides coverage for certain losses incurred from data breaches and can help protect companies from a range of cyberattacks. The extent of cyber liability coverage will vary depending on the industry, the type of business and its specific needs. At a minimum, cyber insurance helps companies comply with state regulations that require a business to notify customers of a data breach involving personally identifiable information (PII).


Research shows that the cost of a data breach for a company with fewer than 500 employees has increased from $2.35 million in 2020 to $2.98 million in 2021. A typical cyber insurance policy looks to cover the following costs:

  • Data breach investigation
  • Data, systems and websites restoration
  • Ransomware payments and remediation
  • Income loss for business interruption
  • Expenses and income loss should a supplier experience a cyberattack
  • Restoring reputation and customer relationships
  • Cyber incident response, including legal fees, notifying affected individuals, public relations and more
  • Regulatory fines imposed by governmental agencies
  • Media liability for lawsuits involving libel, defamation, slander, copyright infringement, violation of privacy, plagiarism, etc.
  • Misdirected payment assistance resulting from a compromised business email account


How Does Cyber Insurance Benefit Small Businesses?

Small businesses are often a target for cybersecurity attacks. However, many business owners may believe that their information is not worth stealing or simply that "it won't happen to me." Smaller organizations should keep in mind that they still hold data many cybercriminals are after, such as employee and customer information, bank and credit card data and more. Any company that relies on technology such as email, keeps records filed electronically, and uses computers, phones and/or tablets, could benefit from a cyber insurance policy.


Cybercriminals also know that many small businesses lack the resources larger corporations have in place to protect their sensitive data. Cyber insurance often comes with complimentary services to help protect a small business from falling victim to a data breach. These services include having access to counsel from cybersecurity experts, cybersecurity education and training for employees, and scanning systems for potential vulnerabilities. In other words, a cyber insurance policy can provide many levels of protection that a small business needs to reduce its chances of suffering a breach.


Small business owners should be aware that the premiums on a cyber insurance policy designed to support their business's unique risks and budget will cost a fraction of the amount the company could spend recovering from a cyberattack. Maintaining cyber insurance will help keep the business operational after an attack, and it also demonstrates to their customers that their well-being and privacy are top of mind.


Cyber insurance will not stop a data breach from occurring. However, a cyber policy provides the peace of mind small business owners need that a cyberattack will not result in the closing of their doors permanently.

KEYWORDS: business continuity cyber insurance cyber security ransomware risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Linda comerford

Linda Comerford, Assistant Vice President, Cyber Services and Incident Response, joined AmTrust in January 2022. She manages vendor relationships, and collaborates with the insured, privacy counsel, forensic firm and notification vendors to ensure superior cyber claim service throughout each critical stage of the incident response process.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Person working on laptop

Governance in the Age of Citizen Developers and AI

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • small-business-freepik1170.jpg

    Why small businesses are vulnerable to cyberattacks

    See More
  • Cyber Liability Insurance: Moving from Insurance to Assurance; cyber security news

    How to protect businesses against the threat of ransomware attacks and the role of cyber insurance

    See More
  • cyber security

    The integration of small business cybersecurity protection and cyber insurance: An emerging trend in 2021

    See More

Events

View AllSubmit An Event
  • August 27, 2025

    Risk Mitigation as a Competitive Edge

    In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing