
Cyber Insurance vs Cyber Threats

Jared Sholley

Cyber insurance is no substitute for prevention, but it should still be treated as a preventative step, often a step (or several steps) behind zero-day threats.


What Does Cyber Insurance Cover?

After a ransomware outbreak, it’s common to think, “insurance will cover this, right?” Well, that really depends on your policy. Most general liability insurance can be purchased with an additional rider or endorsement that covers cyber threats. However, most general liability plans do not cover losses due to cyber threats (malware, ransomware, breaches, destruction of data, etc.). Implementing cybersecurity protections that complement cyber insurance is important.

What Losses Can Happen?

  • When a client on a lower management tier (which does not include a virus-fix guarantee) needs us to clean up and restore their data (assuming they have backups), this is often tens of thousands of dollars in labor. An incident response can include our whole team pulling all-nighters for several days.
  • If a client loses data to a breach, all the expenses of breach notification to all affected victims fall on the client’s shoulders.
  • Some of the breach victims will sue the client for privacy violations.
  • Forensics work to determine the vector of attack and attempt to prosecute can cost over $100,000.
  • If the client does not have backups of critical systems and must pay the ransom, then they have to fork over tens of thousands of dollars in ransom.
  • Systems can be down for days or weeks, causing loss of productivity for all staff and zero cash flow.
  • Oftentimes, a hacker steals intellectual property or cash (via wire transfer), which can’t be recovered.
  • The client suffers from bad press and a hit to their reputation.

None of this is covered by your normal business general liability insurance.

To mitigate some of these risks, a cyber insurance plan or cyber rider is needed. A breach protection/data compromise policy will work, too. How many of these potential losses can be mitigated varies depending on your cyber policy. For instance, the policy may not compensate for lost productivity or for time spent recreating intellectual property.

Again, keep in mind that these policies are evolving with the threats and business risks. Some policies may cover breach notification, fines, and forensics, but none of the clean-up and data restoration involved. So, discuss the policy you are looking at with a qualified rep.

What Can Be Covered?

There is no standard for underwriting these policies, but these are common reimbursable expenses:

  • Investigation: A forensics investigation is necessary to determine what occurred, how to repair damage, and how to prevent the same type of breach from occurring in the future. Investigations may involve the services of a third-party security firm, as well as coordination with law enforcement and the FBI.
  • Business losses: A cyber insurance policy may include items similar to those covered by an errors & omissions policy (errors due to negligence and other reasons). It may also cover monetary losses caused by network downtime, business interruption, data loss recovery and costs involved in managing a crisis, which may involve repairing reputation damage.
  • Privacy and notification: This includes required data breach notifications to customers and other affected parties, which are mandated by law in many jurisdictions, and credit monitoring for customers whose information was or may have been breached.
  • Lawsuits and extortion: This includes legal expenses associated with the release of confidential information and intellectual property, legal settlements, and regulatory fines. This may also include the costs of cyber extortion, such as from ransomware.

Have questions? Need help with cyber insurance? Contact us now!
