The frequency and intensity of data breaches and other cyberattacks keeps escalating. Although most of the publicity surrounding breaches has involved large, well-known companies, startups and other small companies are not immune.
Any company that possesses sensitive business information or that stores personal customer data, such as names, dates of birth or credit card numbers, is a potential target. And the risk does not always come from the outside. An employee may lose a phone or tablet that contains sensitive data, or a disgruntled employee may leak it.
Given the risks, startups must consider whether it is worthwhile to purchase insurance for data breaches, especially where data breach-related expenses may not be covered by existing policies.
Insurance companies keep issuing new variants of cyber insurance policies. While such policies could provide critical protection for a startup that has fallen victim to a data breach, just buying a policy is not a guarantee of coverage. Insurance companies may deny claims for a host of reasons, only some of which are grounded in explicitly labeled exclusions.
Consider the following points if you decide to shop for cyber insurance.