Cyber Insurance

 

We see the headlines month after month: costs from data breaches and cyber attacks run to the tens or hundreds of millions for large, public companies. But that’s only part of the story. Every day, organizations ranging from small municipal governments to huge pharmaceutical companies — from your dentist’s office to your regional supermarket chain — deal with cyber attacks. Most aren’t widely reported. Quietly, ransoms are paid, breaches are remediated, and fines are levied, with the targeted organizations taking the brunt of the financial hit. With these costs presenting a significant (and too often, existential) threat to organizations, it’s no surprise that the uptake of Cyber Insurance continues to grow at double-digit percentages year over year

Common incidents that trigger claims include:

• Ransomware attacks – hackers lock up files or devices and demand a ransom payment in exchange for release.
• Data breaches – confidential data is stolen or otherwise exposed
• Wire fraud – an employee is tricked into sending money to a scammer
• System failure – shutdowns due to system outages that may or may not be malicious in nature

Costs and cost drivers from incidents include:

• Business interruption – lost sales or delayed work as a result of a cyber attack shutting down all or part of an organization’s IT
• Regulatory fines associated with the mishandling of data
• Ransom paid to attackers
• Replacement of damaged property, such as laptops
• Customer notification, PR, and Legal/Court Attendance costs incurred in response to the attack

What is included in a cyber policy?

Expert Advice in Incident Response: Importantly, Cyber policies commonly include coverage for expert advice in addition to covering direct costs. These include the retention of an expert attorney or “breach coach” to guide the insured through the complicated response process. This person acts as a captain of the incident response and can facilitate contact with other third-party services that may need to be activated.

Data-driven IT Recommendations:

A more recent addition to cyber policies is a detailed report on the insured organization’s risk exposure, including recommendations on how the insured can proactively mitigate the risk of an attack. These are services that can cost thousands of dollars but are typically provided for no cost as a value-added benefit with the policy

First Party Coverages:

Policies cover direct costs associated with attacks on, or shutdowns of, your clients’ IT systems. These include Business Interruption, Contingent Business Interruption (for losses incurred because of an outage by an IT provider), fraud losses, reputational loss coverage, ransomware coverage and more.

Third-Party Coverages:

Most cyber policies also cover third-party claims, such as media liability claims due to slander, libel etc.; breach management expenses, fines, and breach response costs.

Common Endorsements:

Certain coverages have not become standard within cyber policies but are frequently offered as endorsements. These include “bricking coverage” for the replacement of IT devices like laptops, coverage for costs to hire a forensic accounting team, bodily injury coverage, and invoice manipulation coverage.

Need a cyber quote? Click here to fill out a short application (2 mins or less), and get a same-day quote!

Are you a tech company? Click Here for an Errors & Omissions and Cyber quote