Get a quote on Cyber Liability Insurance
What is Cyber Liability Insurance?
Cyber Liability Insurance is meant to cover your building design business against liability and property losses caused by cyberattacks such as hacks, data breaches, denial of service attacks, and viruses. Commercial general liability policies usually exclude coverage for Cyber Liability, so you may not have coverage for data breaches under your primary general liability policy.
Why do building design professionals need Cyber Liability Insurance?
Building design professionals are particularly vulnerable to cyberattacks because they depend on technology for creating, sharing, and communicating. We don’t live in the age of physical blueprints anymore. In the course of a project, your firm’s architects, engineers, or other design professionals are collaborating through technology with contractors, vendors, and customers. Confidential information about your customers, their projects, and the security surrounding them are flowing through email and other digital technologies. Cyberattacks could mean that private customer information is breached, valuable intellectual property is stolen, plans and drafts are destroyed, or computer systems are shut down—which may delay the completion of projects and lead to financial consequences for your clients.
Examples:
- A data breach at an architectural firm threatens confidential client information, including sensitive information about client projects. Your clients sue in response to the data breach that compromised their private information.
- A malware attack shuts down an engineering firm’s computer systems and significantly delays the completion of project deliverables. This delays the opening of a customer’s retail location and results in loss of revenue for the client.
- An architect designs a one-of-a-kind country estate for a high-net-worth client. After the architect sends building plans via email to a contractor, the contractor’s computer systems are breached and the building plans are stolen, sold, and used to build other homes. The client sues the architecture firm because she had paid for a one-of-a-kind home.
What does Cyber Liability Insurance for building design professionals cover?
Cyber Liability Insurance covers the financial losses from data breaches, hacking, viruses, denial of service attacks, and other similar cyber events.
Cyber Liability Coverage has two major components: third-party liability coverage and first-party coverage. Third-party coverage provides protection when a customer, vendor, partner, or other party sues you for allowing a data breach to happen. First-party coverage protects your company when you incur expenses from a data breach or when your company is hacked. You may choose to purchase either or both types of coverage.
Third Party Liability Coverage
The third-party liability coverage provided by Cyber Liability Insurance provides protection against lawsuits filed by clients or others against your building design business as a result of a breach of their security or privacy. These lawsuits can accuse your business of failing to adequately protect data you possess that belongs to customers, employees, vendors, or others.
Some of the claims that third-party liability may cover include:
- Legal Fees – Lawsuits, judgments, and settlements against your business that arise from a data breach. Example: Your architectural firm is supervising the construction of a building when hackers break into your computer systems and steal sensitive client data, including plans for the security system of the building project. The client sues for breach of private information and you must defend the lawsuit.
- Network Security Claims – Network security claims resulting from a data breach, or the inability of others to access data you store. This can include viruses and malware, denial of service attacks, or unauthorized access by a hacker or rogue employee. It can also cover your business if you have trade secrets or patent applications for clients that are exposed in a hack or data breach. Example: Your engineering firm has designed a power plant. Construction is about to begin when your computer systems are infected by a virus, leaving the contractor unable to access your plans, which delays the construction of the plant by two months.
- Network Privacy Claims – Privacy claims alleging you were negligent in failing to protect sensitive data of others stored on your company’s network and systems. Example: Your interior design firms works with celebrity clients who especially value their privacy. One of your interior designers loses his work laptop at a coffee shop, which has all of your customers’ personal cell phone numbers and emails on it.
- Employee Privacy Claims – Employee privacy liability if sensitive data about your employees is stolen from your company systems.
- Regulatory Fees – Fines, penalties, and costs to respond to regulatory inquiries. Costs you owe to banks to reissue credit cards are also covered.
First-Party Coverage
Data Breach
First-party coverage covers the financial losses your building design business incurs due to a data breach or hack. These costs can include:
- Notifying your customers or employees affected by the breach. Many states require businesses to notify affected customers or employees if personally identifying information is involved in a data breach.
- Providing credit monitoring services to those affected by the data breach.
- Hiring technical consultants or lawyers to find out whether a breach happened, the extent of the breach, and any regulatory compliance necessary.
- Advertising and public relations costs to educate customers or other affected parties about the breach and help to fix your company’s reputation.
Example:
- You run a major architectural firm that has built its reputation on trustworthy service. Hackers break into your firm’s computer systems and steal the private information of all of your customers, and the breach is covered by the local news. You notify your customers immediately and offer a sincere apology. To repair your reputation in the community, you take the initiative to provide credit monitoring services to the affected customers, hire a risk management consultant to analyze the breach, and run television ads about your commitment to cybersecurity. Cyber Liability Insurance helps to cover these costs that resulted from the data breach.
Data Recovery
First-party coverage will reimburse your building design company for the costs to restore or recover the lost or damaged data, as well as the costs to hire consultants to help you restore or repair your data.
Example:
- You own a civil engineering firm. A computer virus corrupts the files containing all of your plans and drafts in the system. You hire a technical consultant to restore the damaged files.
Data recovery coverage usually does not cover data loss due to mistakes made by your business or your employees. For example, if one of your engineers accidentally deletes your plans and drafts, it would not be covered.
Because commercial property coverage usually excludes coverage for electronic data, having data recovery coverage can be valuable if your company experiences a hack or cyberattack.
Business Interruption
Business income insurance (also known as business interruption insurance) is also available on many Cyber Liability Insurance policies. If the loss or destruction of data leads to a disruption in your ability to do business, this coverage can pay for the loss of business income your business faces.
Example:
- Your architectural firm’s computer systems are hacked, and your blueprints and drafts for current projects are destroyed, leading to significant project delays as your employees struggle to recreate project data. Your business income insurance under your commercial property policy will not provide any coverage for this electronic data loss, despite the loss of profits. Cyber Liability Coverage can reimburse you for the lost profits when data is lost due to a cyberattack.
Note however that this coverage only applies to lost profits that are directly a cause of the cyberattack. If your sales decline due to a hit to your reputation from the data breach or cyberattack, these declines will not be covered, as they are not directly caused by the breach or attack.
Cyberextortion
First-party coverage can also cover cyberextortion. If your business is threatened with damage to your computer systems or networks unless you pay a ransom, this insurance can provide coverage. Cyberextortion coverage can reimburse you for the money you spend to respond to the extortion demand, as well as any ransom you pay.
Example:
- One of the employees at your architectural firm receives a ransomware email and inadvertently downloads malicious software to your company’s systems, exposing your company’s network to a cyber criminal. The attacker demands that you pay a $500,000 ransom or he will delete all your client files, blueprints, and drafts.
Sublimits
Many Cyber Liability Policies have sublimits for first-party coverage. A sublimit is part of the limits of insurance, but it places a maximum on the amount of coverage for that type of loss.
Example:
- Your engineering firm has a Cyber Liability Policy of $1 million, with a 50% sublimit on first-party coverage. Hackers are asking for a $1 million ransom to release your company’s plans and drafts that they have hijacked. Your Cyber Liability Insurance will only pay up to $500,000 because of the sublimit on first-party coverage.
What are the key exclusions of Cyber Liability Insurance for building design professionals?
Cyber Liability Insurance is primarily designed to protect your business from cyberattacks. However, there are some exclusions to the coverage from this insurance. These include:
- Damage to your business reputation as a result of a data breach.
- Costs to fortify and improve your internal technology systems.
- Lost future sales because customers avoid your business after a breach.
- Loss of intellectual property owned by your business.
- Damage to your business caused by your own or your employee’s actions. For example, you install new software that causes your network to go down for several days.
How much does Cyber Liability Insurance cost?
The average cost of cyber insurance is $1,485 per year in the U.S. The costs of insuring your business against data breaches and hacking attacks varies based upon the nature and size of your business, as well as the state in which your business is located. Below, we list the average cost of cyber insurance in each state, along with the difference between the state average and the national average.
| State | Average Cost of Cyber Insurance | Difference from National Average |
|---|---|---|
| Alaska | $1,532.89 | 3.23% |
| Alabama | $1,539.40 | 3.67% |
| Arkansas | $1,646.50 | 10.88% |
| Arizona | $1,581.50 | 6.50% |
| California | $1,430.18 | -3.69% |
| Colorado | $1,521.67 | 2.47% |
| Connecticut | $1,593.62 | 7.32% |
| District of Columbia | $1,539.25 | 3.66% |
| Delaware | $1,446.47 | -2.59% |
| Florida | $1,529.82 | 3.02% |
| Georgia | $1,450.54 | -2.32% |
| Hawaii | $1,519.46 | 2.32% |
| Iowa | $1,505.73 | 1.40% |
| Idaho | $1,483.70 | -0.08% |
| Illinois | $1,434.59 | -3.39% |
| Indiana | $1,484.06 | -0.06% |
| Kansas | $1,501.38 | 1.11% |
| Kentucky | $1,587.10 | 6.88% |
| Louisiana | $1,623.94 | 9.36% |
| Massachusetts | $1,380.59 | -7.03% |
| Maryland | $1,471.18 | -0.93% |
| Maine | $1,467.39 | -1.18% |
| Michigan | $1,339.33 | -9.81% |
| Minnesota | $1,708.11 | 15.03% |
| Missouri | $1,509.00 | 1.62% |
| Mississippi | $1,472.55 | -0.84% |
| Montana | $1,478.29 | -0.45% |
| North Carolina | $1,421.49 | -4.27% |
| North Dakota | $1,464.42 | -1.38% |
| Nebraska | $1,485.64 | 0.05% |
| New Hampshire | $1,431.99 | -3.57% |
| New Jersey | $1,615.25 | 8.77% |
| New Mexico | $1,355.36 | -8.73% |
| Nevada | $1,507.55 | 1.52% |
| New York | $1,616.70 | 8.87% |
| Ohio | $1,553.68 | 4.63% |
| Oklahoma | $1,513.03 | 1.89% |
| Oregon | $1,462.50 | -1.51% |
| Pennsylvania | $1,466.49 | -1.24% |
| Rhode Island | $1,541.58 | 3.81% |
| South Carolina | $1,398.83 | -5.80% |
| South Dakota | $1,489.45 | 0.30% |
| Tennessee | $1,500.20 | 1.03% |
| Texas | $1,459.22 | -1.73% |
| Utah | $1,515.10 | 2.03% |
| Virginia | $1,467.83 | -1.15% |
| Vermont | $1,457.70 | -1.83% |
| Washington | $1,449.80 | -2.37% |
| Wisconsin | $1,523.03 | 2.56% |
| West Virginia | $1,629.64 | 9.74% |
| Wyoming | $1,426.89 | -3.91% |
Besides the location of your business, a number of other factors can greatly affect the premiums that you pay for cyber insurance. Insurance companies will take into account the nature of your business, the number of sensitive employee and customer records you store, whether your business stores credit card and banking information on your customers, and the types of security defenses your company has undertaken. Additionally, if your company has a history of cyber insurance claims or if it has been attacked or hacked in the past, your premiums may be higher. Head over to our list of the best cyber insurance companies of the year for information on some of the top providers.
Final Word
Cyber liability risk is important for building design firms to insure against. Since architects, engineers, and other building design professionals now use so much digital technology to collaborate on their work, cyberattacks pose a significant threat to the private information of customers, the design professionals’ work, and the timely completion of building projects. Cyber Liability Insurance will cover the financial losses resulting from cyberattacks, giving building design professionals the peace of mind they need to meet their clients’ expectations.
