Cyber Security/Liability
Whether it’s customer records, employee data, patient information or even student records, most all of this material is now accessible in digital files – transferable through email or to downloadable devices.
Information at your fingertips can come at significant risk to your company and the clients you serve. And you’re not alone. Technology loss related to viruses, hacking, digital defamation and intellectual property infringement is becoming commonplace. We often hear about data security breach issues whether it’s within our government, organization or even at a personal level. With a robust market for the illegal trading and selling of personal information, identity theft is the fastest-growing white-collar crime in America according to the Federal Bureau of Investigation.
Protecting Against Cyber Attacks
Unfortunately many of these new risks are not covered by your existing insurance policies. So what’s the answer? Because technology security is critical – particularly for organizations, it’s become a huge liability if your data (and/or your clients’ information) is compromised or stolen.
Like nearly every other business, you have probably capitalized on the advancements in technology today through the digitization of your company’s important information. Whether it’s your customer records, employee information, patient information or student records, all are digitized and transferable through email or accessible on your network. This convenience comes with substantial cyber risk to your company and the clients you serve. Network security and privacy losses related to viruses, hacking, digital defamation and intellectual property infringement are becoming commonplace. Unfortunately, it’s unlikely that these new risks are covered by your existing insurance policies.
Why cyber insurance?:
- Frequency of privacy breaches are on the rise.
- Threats and vulnerabilities are getting dramatically worse.
- More than 47 states, including U.S. territories, have enacted privacy laws in response to the increased frequency of privacy breaches.
- International privacy regulations are drastically increasing at a noticeable rate.
- Corporate governance requires that organizations address information technology risks.
- Shareholders expect that their investment is protected from adverse market fluctuations.
- Publicly traded companies and large privately held corporations could experience shareholder litigation due to mismanagement of cyber risk.
- The plaintiffs’ bar is becoming more active in pursuing class action litigation.
- Contracts may require cyber liability insurance.
- Cyber liability insurance can mitigate the financial impact on a company
What is the financial impact of a security/privacy breach?:
- No industry is immune to a data breach whether intentional or unintentional, electronic or non-electronic. The costs to remedy and respond to such breaches are significant as noted below.
- Cost to defend and/or settle litigation from customers or employees for identity theft.
- Cost to defend and/or settle litigation from banks to recover the value of reissuing credit cards or fraudulent transactions.
- Cost to defend and/or settle regulatory investigations.
- Cost to respond to regulatory laws.
- Cost to defend and/or settle unauthorized access or unauthorized use.
- Cost to defend and/or settle allegations that malicious code (such as viruses) caused harm to the data or computer systems of third parties.
- Cost to defend and/or settle allegations that an insured’s computer system denied a third party the ability to conduct transactions.
- Cost to defend and/or settle litigation from customers or employees for identity theft.
- Cost to investigate and determine the cause of a security or privacy breach, including computer forensics.
- Cost to hire a public relations or crisis management firm to mitigate against reputational harm.
- Cost for legal counsel related to privacy and notification laws.
Types of Cyber Coverage
Network Security Liability
Provides liability coverage for damages and claim expenses arising out of an actual or alleged act, error or omission resulting in:
- The failure to prevent unauthorized access/use to system that results in: – The destruction, deletion or corruption of electronic data; – Theft or loss of data; or – Denial of service attacks against internet sites or computers.
- The inability of a third party, who is authorized to do so, to gain access to your system.
- The failure to prevent transmission of Malicious Code from your system to third-party computers and systems.
Privacy Liability
Provides liability coverage if an insured fail to protect electronic or non-electronic private or confidential information in their care custody and control.
Privacy Regulatory Proceeding
Provides coverage for defense expenses, and in some cases penalties/fines, incurred from a regulatory proceeding resulting from a violation of a privacy law caused by a covered security breach.
Breach Response Expenses
Covers crisis management, including credit monitoring services and public relations expenses incurred resulting from a security or privacy breach. Also pays costs of notifying consumers as required by various state, federal or international laws or regulations.
Media Liability
Covers the insured for Intellectual Property (copyright infringement, etc.) and Personal Injury (defamation, etc.) perils that result from an error or omission in content on their website. Multimedia coverage is also available.
Cyber Extortion
Provides coverage for expenses and/or losses incurred as the result of an extortion threat made against an insured.
Business Interruption
Provides coverage for business interruption loss and/or business restoration expense incurred by the insured as the direct result of a security breach that caused system failure.
Data Restoration
Pays the reasonable costs incurred by the insured, in excess of any normal operating costs, for the restoration of any data stored.
Professional Liability
Technology E&O and/or certain miscellaneous professional liability exposures may be combined with the cyber coverage in one policy.