Cyber liability policies are becoming more and more complex with time and often are tailored or customized to your specific business type. While not all of the below scenarios may be covered by your specific policy or may have a sublimit that reduces available coverage, Part 5 of our miniseries will discuss real-life examples of situations that might result in a serious loss for your business.
Situations that could result in a Cyber Related (Third Party) Loss
- Unintended disclosure of information.
- Accidentally sent e‐mails. Employees make mistakes and can sometimes send e‐mails and data to someone other than the intended individual(s).
- Theft or loss of laptops, PDAs, smartphones, tablets, flash drives, and/or other electronic devices that contain personal or confidential client/customer information. This can be on both business‐owned devices and an employee’s personal devices.
- Theft or loss of confidential corporate information, such as tax documents, legal documents, blueprints/plans/designs, trade secrets.
- Disclosure of incorrect or damaging information, or information that could result in a violation of privacy. For example: An employee intentionally send e‐mails to others; however, the e‐mails contain incorrect, damaging information, or information that violates the privacy of others.
- Infringement of copyright, intellectual property rights. Businesses often create websites that contain unauthorized use (infringement) of images, music, and/or documents belonging to others.
- Publications that slander, libel, or disparage. Businesses create web pages, bulletin boards, chatrooms, and/or post testimonials with content that could hurt a person or organization.
- Transmittal of a virus, malicious code, malware, ransomware. Businesses may unintentionally receive and transmit information that contains a virus, malicious code, malware, or ransomware that may cause damage to another person’s or organization’s computer system.
- Access and disclosure by an unauthorized user. An unauthorized user (hacker), former employee, or rogue employee may break into a computer system with intent to steal data, steal intellectual property, and/or distribute information that may hurt other people or organizations. Commonly known as a cyber‐attack.
- Denial of Service (DoS) attack. A business that suffers a DoS attack or a Distributed Denial of Services (DDoS) attack can be accused of breach of contract if clients are denied access to the website.
- DoS can basically be described as an attack from one source for the purpose of preventing or disrupting the use of or access to a computer system.
- DDoS can basically be described as an attack from more than one source and/or more than one location at the same time.
- Extortion events may be tied to these attacks. Extortion or ransom payments are first party losses.
- Programming errors. Bad programming and/or poor‐quality control of source coding may result in the release of nonpublic personal information. Resulting machine language errors may cause product or installation failures that result in damages.
- Data entry errors. An employee can accidentally enter incorrect information to another client’s records, which could result in a violation of privacy.
Liability claims/lawsuits alleging violation of state, federal, and other country’s statutes, especially those associated with nonpublic personally identifiable financial, health or other sensitive information
Examples of federal statutes
- Health Insurance Portability and Accountability Act (HIPAA)
- The Health Information Technology for Economic and Clinical Health (HITECH) Act
- Graham‐Leach‐Bliley Act
- There are data breach notification laws in all 50 states, the District of Columbia, Guam, Puerto Rico, and the Virgin Islands.
- Learn what are examples of third-party cyber liability losses. We provide cyber insurance coverage in Newton, Needham and Wellesley Massachusetts.
- Examples of federal statutes
In our next series Part 6 – What are the Insuring Agreements of a Cyber Liability Policy we will review the actual insuring agreements of a best practices cyber liability policy and some definitions.
We provide Cyber Liability Insurance for all types of firms in Newton, Needham, Wellesley, and all of Massachusetts. Contact Kovalev Insurance for cyber liability insurance and request a complimentary consultation to ensure your business is properly protected.