No Coverage
CF: What sort of risk are businesses facing without cyber insurance?
JS: I think partially that determination on risk is about that business and what they do and what business they’re in. If you’re a technology company today, you probably won’t be working with other large companies if you don’t have cyber insurance, because it’s oftentimes a contractual requirement before they sign you up as a customer of theirs. If your business is in cloud-hosted software, SaaS, if you don’t have cyber insurance, you’re not going to be able to sign up new customers typically.
For non-tech companies that aren’t dealing with a whole lot of data they’re storing, that is more of a judgment of risk, what’s your risk tolerance, because the impact of the data breach might not be as large. Let’s say you’re mowing lawns and you have a client list of 1,000 people, and you’re not storing any other information other than their names and email addresses. Your risk is much lower than an organization that’s storing health records, like patient health records. So part of it is a determination on what type of information you’re storing.