MBO Partners provides excellent guidance on whether independent contractors should have cyber insurance.
Setting insurance requirements for independent contractors can be a tricky line to walk. On the one hand, setting the requirements too low leaves you vulnerable to damages and lawsuits. On the other hand, setting them too high can cause premiums to skyrocket, which deters top independent talent from working with you at all. As a general base, most independent contractors are required to have general liability insurance, professional liability insurance, or both. These two coverages protect your company against physical harm caused by the independent contractor, as well as intangible damages caused by errors in their work. What they don’t protect is data.
What is the Benefit of Cyber Insurance?
“Cyber Insurance” may sound like something that only IT professionals would need, but it’s actually a relevant protection for most industries. These days, the chances that you use a computer or interact with sensitive personal information are pretty high. Whether this data is encoded deep within your computer or is handwritten in a notebook, Cyber Protection takes the liability off of your hands should anything happen to it. While cyber protection won’t be necessary for every independent professional, it’s worth taking a deeper look at what it covers, and whether you should require it in your next contract.
What Does Cyber Insurance Cover?
Most businesses have strategies in place to protect against hackers and data theft. But while you may have expensive firewalls on company computers and insurance should they fail, an independent worker may not. Cybercriminals target businesses of all types, including independent contractors. If private data on your company or your clients is stolen from an independent contractor’s computer, your insurance policy likely won’t cover the damages. Cyber protection helps independent contractors cover client lawsuits, investigations into the breach, and credit monitoring for those affected. Although it has been dubbed “Cyber,” it also protects physical data breaches, like client files being stolen from an office, home, or car.
Can Cyber Insurance Help in the Event of a Data Breach?
The average financial impact of a data breach in the United States is $6M. Cybercriminals commonly use either ransomware or social engineering to steal and monetize data. Ransomware locks your data, essentially holding it hostage until you’ve paid a ransom—and, in some cases, destroys the data even if a ransom is paid. Social engineering is a form of coercion used to make targets give up passwords, computer access, or banking information. These can look like an email from a friend, or a message from a company you work for asking for password verification or account information, among other things. Independent contractors can be especially vulnerable to these attacks, as they often work from places with public internet connections, like coffee shops. Cyber Insurance helps independent contractors with the costs associated with the breach, preventing the situation from turning into a lawsuit between them, the enterprise, and anyone whose information was compromised.
Common Cyber Insurance Questions
1. Why isn’t Cyber included in a standard Business Insurance policy?
The basic reason is that digital communications change too fast for the business insurance industry to keep up. The rules and procedures governing the Cyber world are much more fluid than rules about copyright or libel, for example. Separating Cyber from other coverages like Professional Liability allows it to adapt more quickly.
2. If an independent contractor uses a third party to handle customer data, who is responsible for the breach?
Because the independent contractor is the one who asked for the information, they are responsible for what happens to it. Even if they use a company (whether that’s you or a third party data security company) to store it, they can be held liable in the event of a breach.
3. How much can a company’s IT department prevent?
If you have IT specialists solely focused on risk assessment, they may be able to work with your independent contractors to prevent breaches on their end. However, typically an IT department will not have the necessary time or resources to adequately monitor every independent contractor on the company payroll.
Read the full story at Should Your Independent Contractors Have Cyber Insurance? | MBO Partners