Good insurance as the final piece of your cyber plan
06 Jul 2023
Since 2021, the importance of good cyber insurance has begun to filter through to the wider business community. This shift is reflected in an acceleration in the number of companies and their managers who are becoming aware that cyber insurance is essential for business continuity and that not having such insurance can be considered a management error. This should come as no surprise, given the far-reaching consequences that cyber incidents can have on your business.
Read our full dossier on cybersecurity via this link.
Comparison with comprehensive insurance for company cars
The average cost of cyber insurance is affordable for most companies and comparable to the cost of comprehensive insurance for your company car as a business owner. This is a minimal cost compared to the enormous damage your company could suffer in the event of a cyber incident. Recent figures show that the average cost of a cyber attack is 441,000 euros, but for a large company, the damage can quickly exceed one million euros.
“You may be an excellent driver yourself, but an accident can also be caused by third parties.” – Xavier Lesseliers
All businesses, large or small, can be hacked
There is a misconception that cybercriminals have the most to gain from hacking a large or international company. However, 60 percent of cyber attacks are aimed at SMEs. It is therefore just as important for SMEs to protect themselves against cybercriminals. These criminals will always try to penetrate the business systems of small and medium-sized enterprises first, because they assume that these companies have less robust cyber security, weaker IT security and lower awareness among their employees. It is therefore important for SMEs to prove these cybercriminals wrong.
However, the reality is that all systems can ultimately be hacked. But the better your company is secured, the longer it will take cybercriminals to break in. Hackers are more likely to give up on business systems that take longer and require more effort. Even in the criminal digital world, they are always on the lookout for easy victims.
"SMEs are often easier prey for cybercriminals. Awareness within the company is lower and IT security is not always at the same level as in large companies. It is therefore very important, especially for small and medium-sized enterprises, to realise that there are still many opportunities to take out a comprehensive package of good insurance conditions. This trend is already emerging among large companies and will soon reach medium-sized and smaller companies as well." – Xavier Lesseliers
3 triggers for cyber insurance
There are three important triggers that can activate cyber insurance. These do not have to occur simultaneously.
The first trigger is a breach of the protection of your personal and/or company data (1). If this is met, your cyber insurance policy will be activated. The second trigger is a security breach, ranging from unauthorised access to your computer system to viruses, malware, DOS attacks and more. The entire range of incidents that fall under security errors (2) also trigger your policy. A final, very important trigger is system failure (3), such as an unexpected failure of your computer system or your server crashing. In the latter case, cybercriminals do not even have to be at the root of the problem, but your business is still at a standstill with all the consequences that entails.
Good cyber insurance protects against four key areas
As a business, large or small, it is therefore advisable to insure yourself against cyber incidents. However, determining which insurance you need is not always straightforward, and suitable insurance will naturally vary from one business to another. Nevertheless, there are a number of elements that should be included in any good cyber insurance policy.
The first area or pillar is liability (1). As a company, you can never claim compensation for this yourself, but it is intended to compensate third parties for damage, for example as a result of a personal data breach. The next three pillars are areas where, if you did not have cyber insurance, you would have to bear the costs yourself. The first of these is the area of “crime” (2). This includes any ransoms that must be paid back, costs for crisis management that must be carried out, or the theft of digital money. The next pillar is loss of profit (3). Your company is (partially) shut down during or after a cyber incident, which means that costs go up, but income often goes down. The estimated loss of profit can be included in a cyber insurance policy and reimbursed. The last major area is everything related to your own damage and costs (4), such as hiring forensic specialists, reconstructing data and more.
“Comprehensive cyber insurance protects you against four key areas: your own damage and costs, loss of profit, liability and, of course, cybercrime. Legal assistance can be added as an optional extra. Only when all these areas are covered by your cyber insurance can you be sure that you are fully protected.” – Katrien Dom
Once cyber insurance is triggered, cooperation on many fronts is essential. Your own IT services, external IT partners, legal partners and crisis management must work closely together to achieve a successful outcome.
“Following a cyber incident, we as an insurer assemble a team of people and specialists in the fields of IT, crisis communication and legal affairs to work with your company to find a satisfactory joint solution.” – Xavier Lesseliers
What is not covered by cyber insurance?
Cyber insurance focuses on intangible, non-physical damage. Material and physical damage will always be insured under a separate policy. Certain contractual liabilities will also not always be covered on a one-to-one basis.
Read our full dossier on cybersecurity via this link.
Looking for additional information?
Make an appointment with our experts now and receive personalised advice about the possibilities, tailored to your company's needs.
Related articles
Nieuw aansprakelijkheidsrecht sinds 01/01/2025
Sinds 01/01/2025 is er via het Nieuwe Boek 6 een aanpassing gebeurd in de wetgeving omtrent buitencontractuele aansprakelijkheid. In het kader van uw beroepsactiviteiten heeft dit een belangrijke invloed. Een schadelijder kan zijn claim, wegens het slecht uitvoeren van een contract, sedert deze datum niet langer alleen uitsluitend tot uw bedrijf richten, maar ook rechtstreeks tot uitvoeringsagenten zoals bestuurders, werknemers, directieleden, stagiairs, zelfstandige freelancers of medewerkers zoals CEO, CFO, projectleiders etc of onderaannemers. Door deze aanpassing in de wetgeving is het noodzakelijk dat u als ondernemer binnen uw onderneming een aantal maatregelen neemt.
Read more
EXPERTISE VERZEKERD: Employee Benefits en de 'duty of care' vanuit uw onderneming
Employee benefits, beter gekend als extralegale voordelen kennen een explosieve opmars. Vanuit de ‘duty of care’ die u als werkgever heeft ten opzichte van uw werknemers, is het van belang om hierin mee te groeien. Zo worden op dit moment vaak niet alle voordelen ten volle benut en wordt nog te vaak het aanbod niet volledig afgestemd op de noden. We nemen u in dit dossier dan ook graag mee in de meest voorkomende niet-tastbare extralegale voordelen die bovendien op langere termijn verrassende rendementen kunnen opleveren.
Read more