The largest barriers preventing small business owners from purchasing a policy revolve around a misunderstanding of their perceived threat, what’s covered, and the reasonable pricing. Take the time to explain every factor at play and how the cost of the policy will be well worth the investment should a data breach occur — because it’s only a matter of time before you receive a phone call from a client asking you if they’re covered.

Although attempting to sell these policies to businesses with smaller budgets can appear to be a daunting task, here are a few tactics to help small to midsized business owners understand how a policy could save their company.

1. Show them the money

A significant data breach can cripple a small company’s balance sheet and potentially put the firm out of business altogether. According to the IBM study, the average cost of a data breach is approximately $4 million and the average cost per lost or stolen record in the U.S. is $221. If your prospect is wondering why reacting to a data breach is so expensive, insurance agents must clearly delineate every significant cost associated with a breach.

Related: 6 categories of questions you'll be asked when appplying for cyber coverage

After a data breach is identified, the affected company will need to hire a computer forensics firm to look at its computers and identify where the hack occurred. After that, 47 states in the U.S. require businesses by law to notify and provide credit monitoring for every individual affected in the event of a data breach. The business also must hire a legal consultant and should consider engaging a public relations firm to help notify customers and manage the company’s reputation.

On top of all of this, regulatory fines and penalties can also be handed down by state legislators. Third party lawsuits, an unfortunate reality when dealing with thousands of disgruntled customers, may also arise and can quickly rack up the expenses.

Considering that each cost described here is covered in a basic cyber liability policy, purchasing this coverage could be lifesaving to a small to midsized business.

2. Put the ‘It’s too expensive’ argument to bed

After hearing about the extensive and potentially business-saving cyber liability coverages, a potential buyer might wonder how much a policy will cost. In our experience, cyber liability is actually fairly inexpensive relative to other insurance needs.

For a business with approximately $5 million in annual revenue, a comprehensive policy covering the expenses outlined will cost the company approximately $5,000 per year; for a company with $8 million in revenue, the cost is approximately $7,000 per year. This policy will be far from the company’s most expensive insurance cost, and, considering the extensive coverages, it will be well worth having in the event of a breach.

3. Dispel the misconception around cloud-stored data

Many small businesses believe that if customer data is stored in the cloud, they won’t be culpable should the information be compromised. This is a common misconception, as most cloud providers have hold-harmless agreements in place with their customers. These agreements release the cloud provider from liability in the event of a data breach.

In this event, the bill for all costs related to notification, credit monitoring, litigation, forensics and other costs related to a breach, will ultimately fall to the consumer facing small business.

4. Compare security measures to larger companies

Considering that most of the headlines making national news surrounding data breaches involve massive, multinational companies, many business owners think hackers won’t bother with their small firm. However, as we mentioned earlier, this is not the case. A growing number of phishing and other hacking techniques are targeting smaller businesses.

Smaller businesses are also often more susceptible to an attack than larger enterprises. With so many areas of vulnerability, including stolen laptops, computers or other computer storage devices, backup tapes lost in transit, employee theft, internal security failures, viruses, Trojan Horses, computer security loopholes and improper eradication of information, it can be incredibly difficult for a small business to keep every potential entry point protected.

Big companies with large IT staffs have the resources to train employees as well as implement cybersecurity measures that can dramatically reduce the likelihood of a successful attack. For small companies, cyber security simply isn’t seen as a priority, which can result in a higher susceptibility to attack.

Although all businesses should take some level of proactive preventative measures, a cyber liability policy can at a minimum stop the financial bleeding after an attack.

Related: Navigating the cyberinsurance maze: Inside the obligations and caveats

Harris Tsangaris is the vice president of corporate development at New York-based NFP, an insurance broker and consultant that provides employee benefits, property & casualty, retirement and individual private client solutions for clients across the United States, United Kingdom and Canada. He can be reached at [email protected].