In the beginning, most startups have lofty goals and big dreams. Quite often, those goals involve bootstrapping your way through a few rough years with a lean, dedicated team, pulling in the investor interest, and eventually creating a profound space for yourself in the market. Whether that means spending some time in an incubator or running your startup from your living room, there’s a good chance you’re singularly focused on getting the job done, with little time for much else. Throw in the need for family time and—if you can find it—time to decompress from the high-intensity world of entrepreneurship, and there are often few other concerns to think about beyond the core essentials.
Although one of those “core essentials” is often the potential risk for different lawsuits, many startups may need to expand their view of what legal hazards exist, even in the early stages. Despite some misconceptions, it’s not just patent infringement or employee treatment that need your attention and risk mitigation early on. Particularly for a new generation of entrepreneurs, risks associated with cyber security, misconceptions about general liability, and the need for professional liability all exist as well.
Cyber Threats Are Nothing to Ignore
The name Yahoo keeps popping up in the news when it comes to cyber security threats. It’s easy for a small startup to assume that cyber risks are just a problem for large enterprises. One day your business may be big enough to make it on the radar of cyber criminals looking to hack servers, steal data, and make off with large paydays from ransomware attacks against your company. For now, that’s not a concern. Right? Not quite.
The 2016 Internet Security Threat Report found that while only 1 in 40 small businesses are at threat of a cyber attack (a stark difference compared to the 1 in 2 for large enterprises), 43% of cyber attacks targeted small businesses. How do we reconcile those numbers? By considering volume. There are over 27 million SMBs in the US, compared to just over 16,000 companies in the US that might qualify as “large enterprises.”
Meanwhile, some data appears to reveal that small businesses are at a far higher risk than what the above numbers might indicate. A 2015 report from the U.S. Securities and Exchange Commission referenced a 2014 version of the Internet Security Threat Report which found that 60% of cyber attacks were against small businesses. Did the threat against small businesses somehow drop 17 percentage points between 2014 and 2016? Unlikely. The more likely scenario is that this information is painfully hard to track, making the actual threat difficult to predict and measure fully, and therefore, makes it a dangerous problem to ignore.
But let’s say your company does decide to gamble a bit on cyber security threats. That’s perhaps the most dangerous game to play for a startup. Part of that is due to the high costs associated with recovering and handling cyber attacks, as well as the hit your startup will take to its reputation.
According to the Allianz 2016 Business Risk Barometer, 69% of a company’s economic loss following a cyber incident is due to reputational loss. For a startup trying to attract investors, reputation is everything. Such a hit to your reputation may knock the steam out of your growth, permanently.
Such risks can be mitigated by cyber insurance, which is designed to help businesses recover from these incidents. Cyber insurance often includes valuable business interruption coverage, as well as coverage for cyber extortion, a growing threat more commonly associated with ransomware.
Misconceptions About General Liability Abound
Perhaps the biggest problem with general liability is not in what it does cover, but what it doesn’t. Many startups tend to assume that general liability insurance operates as a sort of “catch-all” for far more types of risks it than it will actually mitigate.
For example, a 2013 Chubb survey found that 52% of businesses assumed that their general liability policy protected their business against risks more commonly associated with errors & omission insurance. (A further 65% incorrectly believed it also covered directors & officers liability, while 32% also thought it included cyber liability.) The reality of general liability is that it’s fairly limited in scope. Perhaps the name “general liability,” is a bit misleading.
To be clear, if your business is providing more than just products, but services and advice to clients, you’ll need coverage such as professional liability. This policy is designed specifically to mitigate the risks associated with providing advice that will lead clients toward some kind of independent action. Increasingly, these kind of services are a boon for businesses, but even a small oversight, such as failing to add a legal disclaimer in the right place, can result in consequences for your business.
Additionally, it’s important to recognize just how all-encompassing that advisory role can be. Even startups that operate entirely online, and that don’t offer advice for a fee can be at risk. This is where those legal disclaimers, or more importantly the lack thereof, can get some startups in trouble.
Still, if advice and services are what your startup is doing in general, some form of insurance to help mitigate the risk of accidentally providing erroneous advice or not meeting service expectations is a necessary purchase.
There’s Value in Risk Protection
Beyond cyber security threats and potential lawsuits that may arise from providing inaccurate advice, startups need to consider the possibility of the many unknowns associated with running a business. Your startup may be on the bleeding edge of its niche but it may end up doing more bleeding than anything else if you’re unprepared to handle the increasingly 21st-century-themed risks associated with entrepreneurship.
It might be time to ask all of the right questions that you’re avoiding asking yourself. Seek advice from others who have been at it longer than you have. Do a bit of research on the type of risks most common with your industry. Getting a handle on risk mitigation early can keep those risks from creating unexpected and painful disruptions to your startup as it takes off.
About the Author
Rashmi Melgiri is the COO & Co-founder of CoverWallet.com, a company reinventing how people buy and manage insurance.
Rashmi has over 10 years of experience in the technology & media sector. Prior to founding CoverWallet, Rashmi was a strategy consultant in the Technology, Media and Telecom sector at the largest North American TMT consulting group (AltmanVilandrie & Co.). In that position, Rashmi advised companies on go to market strategy, new product development and M&A transaction. Rashmi has also worked a number of start-ups including Visible Measures and portfolio companies within Comcast Interactive Media.
Rashmi has a bachelors degree from MIT and an MBA from MIT Sloan.