Like many businesses, your firm may use, store, send, or receive electronic data. This data may include information that belongs to your business, like sales projections and tax records. It may also include data that belongs to other people, such as clients, employees, and vendors. For example – social security numbers, employment records, addresses & dates of birth, payment information and other sensitive data.
If electronic data stored on your firm's computer system is lost, stolen, or compromised, the cost of restoring it can be significant. Additionally, your company may be liable for damages to third parties whose data has been stolen. Your firm may also incur notification expenses if your state requires you to inform those affected by a data breach. You can protect your business against the costs associated with data breaches by purchasing a cyber liability policy.
Cyber liability insurance covers financial losses that result from data breaches and other cyber events. Many policies include both first-party and third-party coverages.
First-party coverages apply to losses sustained by your company directly. For example, damage to your company's electronic data files caused by a hacker.
Third-party coverages apply to claims against your firm by people who have been injured as a result of your actions or failure to act. For instance, a client sues you for negligence after his personal data is stolen from your computer system and released online.
While cyber liability policies vary from one the next, many provide similar types of coverages. The most common coverages are outlined below.
Cyber liability policies typically include various property and crime coverages. They also cover certain costs, such as notification expenses. First-party coverages are often subject to a deductible or retention.
Loss or Damage to Electronic Data - Many policies cover losses caused by damage, theft, disruption or corruption of your electronic data. They also cover damage or theft of data stored on your computer system that belongs to someone else. For a loss to be covered, it must result from a covered peril such as a hacker attack, a virus, or a denial of service attack. The policy generally covers the costs to restore or recover lost data. It may also cover the cost of outside experts or consultants you hire to preserve or reconstruct your data.
Loss of Income or Extra Expenses - Many policies cover income you lose and extra expenses you incur to avoid or minimize a shutdown of your business after your computer system fails due a covered peril. The perils covered may be the same as those covered under Damage to Electronic Data. The loss of income and extra expense coverages afforded under a cyber liability policy differ from those provided under your commercial property insurance. Cyber policies cover income losses and extra expenses that result from an interruption of your computer system by a covered peril. Property policies cover income losses and extra expenses that result from an interruption in your business operations caused by physical damage to covered property, which often does not include electronic data.
Cyber Extortion Losses – Cyber Extortion coverage applies when a hacker or a cyber thief breaks into your computer system and threatens to commit a nefarious act. A hacker may threaten to damage your data, introduce a virus, or shut down your computer system unless you pay him or her a sum of money or ransom. The attacker may also subject your computer system to a denial of service attack or threaten to release confidential data unless you pay the sum demanded. Extortion coverage typically applies to expenses you incur (with the insurer's consent) to respond to an extortion demand, as well as the money you pay the extortionist.
Notification Costs - This may cover the cost of notifying parties affected by the data breach by government statutes or regulations. They may also include the cost of hiring an attorney to assess your firm's obligations under applicable laws and regulations. Some policies cover the cost of providing credit monitoring services for those affected by the breach. Some also cover the cost of setting up and operating a call center to assist those affected.
Damage to Your Reputation - A data breach can severely damage your firm's reputation. As a result, some policies cover the costs you incur for marketing and public relations related to damage control following a data breach. This coverage may be also be referred to as Crisis Management.
Most cyber policies include more than one type of liability coverage. These coverages apply to damages or settlements that result from covered claims. They also cover the cost of defending you against such claims. Note that defense costs may reduce the available limit of insurance. Virtually all cyber liability policies are covered on a ‘claims-made’ basis. Some third-party coverages may also be subject to retention.
Network Security Liability - Network security liability insurance covers lawsuits against you due to a data breach or to the inability of others to access data on your computer system. Coverage may apply if the data breach or inability to access your system is due to a denial of service attack, a virus, malware or unauthorized access and use of your system by a hacker or rogue employee. Policies may cover lawsuits alleging that you failed to adequately protect data belonging to clients, employees or other parties.
Network Privacy Liability - Network privacy liability insurance covers lawsuits based on allegations that you failed to properly protect sensitive data stored on your computer system. Some policies cover liability arising from the release of private data (such as social security numbers) belonging to your employees.
Electronic Media Liability - Electronic media liability insurance covers lawsuits against you for acts like libel, slander, defamation, copyright infringement, invasion of privacy or domain name infringement.
Other coverages that may be available under a cyber liability policy include various crime coverages such as computer fraud, funds transfer fraud, and cyber terrorism (acts of violence committed for political purposes). Some insurers have developed cyber liability policies tailored to specific industries. For example, one policy may be designed for businesses in the healthcare industry while another policy is intended for financial institutions.
Businesses are facing more threats from online attacks. Cyber liability insurance can help mitigate your organization’s risk. Learn from Kovalev Insurance.
X