cyber insurance

Here’s Why Cyber Insurance is a Must for Startups (and it’s Affordable)

The dreaded 180-day notification arrives on your computer. It’s time to change your password again. What version of a pet’s name or mother’s maiden name will you use this time? Max1234? Sherbert5678? Now, you must remember this new password and the one to your credit card and your bank and your Venmo and on and on. It is exhausting and, sometimes, you wonder if it is all worth it. After all, who would hack my accounts? You’re no Fortune 500 company, no millionaire — just an average person with a small business. You have a few employees and project $200,000 in sales, not $20 million. Yet, all around you, cybersecurity and ransomware attacks buzz, and it’s best that you invest in cyber insurance.

Read a multitude of insurance websites or simply your local newspaper, and there is invariably a news story of a cyberattack every week: According to, hackers have been sharing personal information of Tulsa, Oklahoma, residents after breaking into town hall servers. Georgia’s St. Joseph’s/Candler health system had its computer systems shut down for a week. Similarly, a cyberattack on Vermont’s largest hospital has estimated recovery costs upward of $63 million. Then, over the Fourth of July weekend, Russian hackers from an outfit dubbed REvil attacked businesses in 17 countries, demanding payouts as high as $5 million and as low as $45,000 from smaller operations, according to the Associated Press

Bigger firms are often targeted with demands of $30 to $50 million in ransom payments, per, but even small businesses are feeling the heat, with the average ransomware payment valued at $220,000, per Coveware. Small businesses are vulnerable, too, because they often lack the sophisticated defense mechanisms put in place by larger companies. 

Contact Michael Spath with any of your insurance questions

Here’s why you should invest in cyber insurance for your startup

The FBI is working to counter cyberattacks, but the agency tends to target its efforts on million- and billion-dollar businesses, leaving mom-and-pop shops to largely fend for themselves. 

The good news? Cyber insurance is still relatively affordable, though recent trends have industry insiders predicting rates to rise. Premiums are influenced by exposure and the level of risk management protocols in place to mitigate threats, but for small businesses scrutinizing every expense, it is far more affordable to pay a few hundred dollars in preventative coverage than to pay thousands if servers and systems are broken into and customer information is compromised.

“One of the important reasons middle-market and smaller organizations purchase cyber insurance is that virtually all insurers offer a panel of pre-approved outside vendors that can assist insureds on both a pre- and post-incident basis,” Doug Miller, senior vice president of specialty risk practice for Kapnick Insurance Group, said. “These vendors include specialized law firms, incident-response firms, IT forensic companies, credit/identity monitoring, public relations and other cybersecurity and technology firms, which may otherwise be unknown to an insured. Accordingly, should there be an incident, insureds do not have to scramble around to research, identify and hire such experts themselves. Knowing their fees will be paid for by the insurance makes a difficult situation much easier.”

Sign Up: Receive the StartupNation newsletter!

How does cyber insurance work?

While the actual ransom payments receive the greatest attention, there are several costs associated with a cyber or ransomware attack in which your insurance coverage will provide considerable benefit, including:

  • Costs incurred when responding to the breach, including public relations expenses, legal guidance and forensic investigative expenses.
  • Defense and indemnity for lawsuits alleging failure to protect confidential information, prevent an attack, failure to provide timely notice of a breach and additional medial liability allegations including defamation, libel and slander. 
  • Costs from fines and penalties imposed by the government for non-compliance with federal and state privacy laws. 
  • Reimbursement of lost revenue due to a network outage caused by an attack or system failure at the insured.
  • Cost to restore damaged or destroyed data, software and hardware

Contact Michael Spath with any of your insurance questions

What does that all mean? 

For a small business, it could be the difference between continued operations and bankruptcy. 

Even if you win a court case, legal fees can be overwhelming, sabotaging your cash flow and future growth opportunities. Cyber insurance covers those legal costs, so you can continue to invest in your business’ short- and long-term future. 

If you or an employee accidentally falls victim to a phishing scam and your hard drive and network are held captive for hours, days or even weeks, cyber insurance coverage will not only help with the costs associated with rebuilding your computer systems but will also provide business interruption income, keeping the cash flow going, even on days you cannot serve customers or clients. 

Every policy is written with nuance, so it is incredibly important you discuss in-depth with your insurance agent what your policy coverage includes and what is excluded. But in today’s climate, where the proliferation of hackers is growing exponentially, every business, large or small, is at risk to suffer an attack, and organizations like REvil will offer no mercy. They do not care if you are a one-person operation in which you’ve invested your life savings. Whether for sport or for financial gain, their aim is simple — to cause you the greatest devastation. 

Thankfully, insurance carriers have responded in kind and are positioned to return you whole. A good broker will insist on cyber risk mitigation as part of your policy. However, it is your imperative, whether as an established small business owner or as a first-time entrepreneur, to demand full protection against every threat, those caused by storm, employee neglect or sinister forces with a keyboard.

Previous Article
digital transformation

Surviving and Thriving Post-Pandemic in a World of Constant Digital Transformation

Next Article
WJR Business Beat

WJR Business Beat with Jeff Sloan: It's Important to Support Our Local Bookstores (Episode 258)

Related Posts
Read More

A Beginner’s Guide to Business Success in the Metaverse 

There’s no hiding from it: The metaverse is coming, and it’s on track to disrupt the world of business as we know it. Championed by newly rebranded Meta (formerly Facebook), the metaverse will be a network of 3D, 360-degree immersive and interactive micro-worlds. These digital spaces are where we will buy products, consume media,  learn...
Read More

4 Reasons to Consider Outsourcing Your Sales Support

Sales representatives are responsible for boosting the company’s profits, and it can be a daunting task. Because of this, sales support takes some of this burden off their backs. Having sales support may not directly improve sales, but it has a positive impact on operations. Additionally, representatives can concentrate on improving their performance. The roles...
focus groups
Read More

Build on Metrics by Designing Effective Focus Groups

Click-through rates, purchasing history, engagement rates—such metrics are helpful, but for ultimate success as a brand, you need to get beyond the what of customer behavior and uncover the why.  Focus groups are one of the most effective ways to do that. They allow you to engage your customers in conversation and gain valuable qualitative...
Read More

Entrepreneurs: How to Focus Ruthlessly and Win in 2022

New and aspiring entrepreneurs often fall victim to impatience and imperfection. When something’s not working perfectly to their standards (or worse, fails), they take it personally and don’t know how to move on to better iterations after the setback. But that’s what startup life is all about. To win, you have to learn how to...