Top 3 Takeaways from SaaStr 2024 for SaaS CMOs and Marketing Teams
Tiller CEO Chantelle Little shares hot takeaways from SaaStr 2024. Learn how CMOs from the world’s top-growing SaaS companies are driving growth.
The Singapore Ministry of Health reported that the health records of 14,200 HIV positive patients had been hacked and released online. An Oklahoma government server storing FBI investigation records was found to be accessible to the public. A Texan City Hall had to shut down all digital operations after a ransomware attack. And Citrix, a multinational SaaS (software as a service) company serving 400,000 businesses, suffered a data breach where hackers had access to sensitive information for approximately six months before it was identified.
445 million cyber attacks have been detected in the United States alone since the start of 2020. And a recent study conducted by the Internal Data Corporation of Canada found that “cybersecurity incidents are occurring on a regular basis and the cost of these compromises is at an all-time high. The average cost per organization of responding to, and recovering from, cyber security incidents increased to between $4.8 – $5.8 million, up from $3.7 million last year.”
Cyber attacks are now a very real threat to businesses of any size, in any industry. If your business handles or stores personal/sensitive information online, cyber liability insurance should be a priority.
Cyber liability insurance covers a business in the event of a data breach or other cyber event where sensitive information (e.g. contact information, financial, personal health records, etc.) is involved. A policy can cover errors of omission (the business didn’t do something they were supposed to do) or commission (the business did something they were not supposed to do). It provides financial assistance for the extraordinary costs that can result from an attack.
Cyber liability is not typically included within general liability insurance and must be purchased separately.
Cyber attack techniques are constantly evolving. So it’s important for your business to stay up to date, take appropriate preventative measures, and respond swiftly if an event does occur. The most common cyber attack tactics are:
Remember that human error frequently plays a role in cyber attacks. An employee falls for a phishing scam. A predictable password is used. A free USB drive installs malware on the company computer. Cyber attacks can be unintentionally initiated by the most innocent of employees. That’s why education is so important. The more your team understands the types of cyber attacks (and the potential fallout), the more likely they are to identify a threat.
Any business that handles or stores sensitive information online should prioritize cyber security.
Sensitive information can include:
When considering cyber liability insurance, remember that your business may be held liable for a third-party vendor’s data breach. To avoid this, many businesses require their third-party vendors to carry sufficient cyber liability insurance and explicitly state in the contract that they will not be liable in the event of a cyber event.
According to Verizon’s 2020 Data Breach Investigation Report:
Risk assessment and testing can be incredibly eye-opening for businesses on the fence about purchasing cyber liability insurance. System testing can flesh out potential weak points and vulnerabilities in your infrastructure and inform your priorities for insurance coverage.
A thorough risk assessment can expose the potential fallout from a cyber attack, including:
According to Forbes, 2020 cyber liability trends favour comprehensive scenario-based testing over data assumptions. Not sure how to execute a risk assessment? You can hire a cyber security company to conduct the assessment for you. An assessment could include:
Underscoring the importance of prevention and risk assessment, the Financial Post reported:
“Canadian companies are still overconfident in their abilities to successfully defend against cyber security attacks. Many are now realizing the need to implement a cyber resiliency plan in order to better prepare, defend and respond to incidents,” said Theo Van Wyk, Chief Technology Officer – Security at Scalar Decisions. “The rise in the percentage of successful breaches coincides with the shift in cyber security efforts from protection against attacks to improving detection of malicious attacks and responding to and recovering from incidents.”
As the saying goes, the best time to plant a tree was yesterday. The same rings true with cyber liability insurance. Cyber liability insurance should be as commonplace as general liability. Without sufficient coverage, your business is exposed to potentially devastating fallout from a cyber attack.
“… Zogby Analytics survey of 1,008 small businesses with up to 500 employees, found that after suffering a data breach 10 percent went out of business, 25 percent had to file for bankruptcy and 37 percent experienced a financial loss.”
Any business that deals with sensitive information online needs coverage, regardless of how small the business may be. It’s better to be proactive than reactive.
The primary goal of cyber liability insurance is to protect the business itself, but there is a larger scope. Depending on the type of cyber event, affected third-parties (like customers) may have to deal with:
First-party coverage typically covers costs associated with:
Third-party coverage typically covers costs associated with:
There is no standard cyber liability insurance policy, so each provider may charge something different. According to a 2019 study, “the average cost of cyber liability insurance in the United States was $1,501 per year for $1 million in liability coverage, with a $10,000 deductible”.
A risk assessment and careful audit of potential vulnerabilities can help determine the ideal coverage for your business. Cyber liability cost factors can include:
Cyber liability insurance isn’t cheap but it is important. So when considering a policy, carefully consider the potential consequences of facing a cyber attack with insufficient coverage.
Like any insurance policy, cyber liability insurance has exclusions. Coverage can vary by provider, but common exclusions are:
AXA XL provides cyber liability insurance to businesses around the world for industries ranging from livestock to aerospace to entertainment and leisure. They offer personalized risk consulting services to help businesses identify system vulnerabilities, evaluate resiliency, and forecast the economic impact to your business caused by a cyber event.
In addition to risk consulting, AXA XL lists coverage for:
Chubb is a cyber liability insurance carrier that offers a suite of cyber risk solutions for businesses of all sizes, with no minimum premiums. Your premium scales based on your needs. Most policies are eligible for a minimum of $10 million of coverage, up to a maximum of $100 million.
Chubb’s services include loss mitigation, incident response, partner networking with other cyber experts, and a 24/7 incident reporting mobile application.
Co-operators offers a cyber liability insurance called “Privacy Breach Coverage”. This is an add-on to a general business insurance policy and covers liability and expenses.
Liability coverage ranges from $100,000 to $1,000,000, with no deductible. Privacy breach expense coverage ranges from $25,000 to $250,000, with no deductible. Co-operators also offers loss prevention and remediation services including:
American Insurance Group (AIG) offers stand alone cyber liability insurance policy or endorsed into a financial, property, casualty policy. There are six coverage channels available, each offering a variety of features/services. The range of coverage includes:
Travelers offers a suite of cyber liability solutions:
Travelers also offers pre and post-breach services to customers (at no additional cost) to assist in education and risk management.
AmTrust Financial specializes in insurance for small businesses. With a maximum policy coverage of $1,000,000, the AmTrust cyber liability insurance policy includes first and third-party coverage.
First-party coverage includes coverage for privacy breach response services, cyber extortion, data protection, and business interruption. Additional post-breach services are also included in the policy:
Whether you’re handling health information, accepting payments, or simply have an email sign up for a blog, you need a secure website that will safeguard information from cyber threats.
You’ve probably noticed that most websites nowadays begin with HTTPS in the URL bar. HTTP stands for Hypertext Transfer Protocol and is an information transfer protocol. The “S” in HTTPS means that the site has an SSL certificate and your information is transferred through a secure, encrypted channel on the web.
This is just one of many ways you can protect your website. Choose your tech stack wisely, have a company-wide password policy with frequent updates, educate your team, etc. Take the security of your website seriously.
We only build secure websites at Tiller. Why?
If you need a secure, reliable, revenue-driving website for your business, give us a call.
Get the inside scoop on the strategies and thinking that drives us (and our clients) forward.
Tiller CEO Chantelle Little shares hot takeaways from SaaStr 2024. Learn how CMOs from the world’s top-growing SaaS companies are driving growth.
From new solutions pages and case studies to purposeful animations and performance, read how and why we took our brand and website to the next level.