Paper or Plastic Electronic?
Computers, smartphones, and cloud-based services are a mainstay of business. With them we transact finance, submit tax information, and house proprietary company documents. This data is sensitive, and its loss can have significant impact. And don’t forget about paper. Though our use of flat white sheets has steadily decreased for several years, most businesses still store sensitive business data on them. If this information, electronic or otherwise, is stolen due to a security breach, replacing or restoring it could prove costly and negatively impact revenue. Data breaches exposed 4.1 billion records in the first half of 2019 alone. Cyber Liability Insurance can protect businesses against the expense of ransomware, cyber fraud, and data breaches and is a critical part of a business’s larger cyber security plan.
Possibly even more significant, our electronic platforms also store information regarding clients, vendors, and employees, including Personally Identifiable Information (PII), payment methods, and sensitive business data. If such data is lost or stolen, data owners may sue for damages. Courts routinely require a high degree of due care for businesses storing data.
Everyday Claim Examples
- An employee pays an invoice as usual, not knowing the vendor’s email was hacked and the invoice fraudulent. Payment went to a different account and is not recoverable.
- An employee opens an email attachment from what appears to be a trusted source and unknowingly infects the network with ransomware.
- A salesperson’s phone is stolen at a coffee shop while they step away to the counter. It was not locked and within an hour hackers have downloaded sensitive client data from their email and the network. The business is now liable for damage caused by the data breach plus notification costs.
Cyber Liability Insurance
This coverage protects against a data breach or other cyber-related events. Most policies include both first-party and third-party coverages.
First-party coverages include expenses the policyholder may incur because of a breach. Coverages contained in cyber liability policies vary, but often include:
- Loss or Damage to Electronic Data: The cost to replace or restore electronic data and programs damaged or stolen in a breach.
- Loss of Income and Extra Expenses: Protection for reduced income due to a breach, plus extra expenses necessary to minimize the impact of the attack.
- Contingent Business Interruption: Protection should a security breach at an outsourced service provider cause a loss of revenue or extra expenses to your business.
- Notification Costs: The expense of notifying those affected, as required by law. May also include credit monitoring services and the establishment of a call center.
- Social Engineering & Cyber Crime: Protection for threats such as financial fraud, telecommunications fraud, phishing attacks, and theft of funds held in escrow.
- Cyber Extortion and Ransomware: Applies when a cybercriminal breaks into a computer system and threatens to damage data unless a ransom is paid.
- Reputational Loss Coverage: Employment of a public relations consultant to help mitigate loss to business income.
- Court Attendance Costs: Expenses to attend court, mediation, or other hearings.
Third-party coverages include liability protections for damages incurred by other affected entities – entities such as clients, employees, and vendors – who were negatively impacted by the breach. These coverages provide for damages and settlements from these third parties, as well as the cost of legal defense. Some cyber liability policies include a retention (deductible) for third party coverages. Again, coverages vary by policy, but often include:
- Network Security and Privacy Liability: Claims for negligent acts, errors, or omissions resulting from a denial of service attack, unauthorized access, introduction of a virus, or other security breach. Also includes claims for failing to properly protect sensitive information.
- Regulatory Proceedings: Fines and/or penalties imposed on a business by regulatory agencies.
- Breach Management Expenses: Costs of an external IT security expert to determine the cause, scope, and extent of the Privacy Breach.
- Electronic Media Liability: Protection for libel, slander, defamation, copyright infringement, or invasion of privacy. In general, these acts are covered if they result from your publication of electronic data on the Internet.
- PCI DSS Assessment Expenses: Damages due to failure to comply with Payment Card Industry Data Security Standards (PCI DSS), Merchant Services Agreements, or Payment Card Company rules.
Again, don’t forget about paper. Not all cyber liability and data breach policies protect a company regardless of whether the data was stored electronically or on paper. If you have any questions regarding your cyber liability insurance program, please contact your Bankers Insurance agent. Not a client of ours? Let us earn your business! Each client is assigned a personal agent in our office, given their email address, and provided a phone number that rings right on their desk.
- Cyber Liability and Data Breach
- Cyber Risk Insurance Scorecard
- Cyber Risk Management Program
- Cyber Insurance Frequently Asked Questions
- Privacy and Cyber Security
- Cyber Liability for Small Business
- Available to clients of Bankers Insurance at no cost (contact your agent for more information):
- Complete Cyber Security Planning Guide
- Cyber Security Guide for Human Resources
- Draft Cyber Security policy, for your business