Cyber risks are one of the biggest concerns for all businesses today. Cyber security does not just deal with internet-based threats such as network security and Internet of Things security (IoT), but also critical infrastructure, cloud security and application security.
Simply put, cyber security aims to protect systems, networks, programs, devices and data from cyber-attacks and aims to stop sensitive information from getting into the wrong hands.
Cyber insurance is a specialist form of insurance which aims to cover cyber-based data breaches. It’s been around since the mid-nineties in a basic form. Compared with other types of insurance it’s relatively new. Don’t be fooled by its recent arrival to the party! Businesses without it run the risk of being destroyed. Cyber-attacks are becoming more commonplace and operating in today’s business world without insurance is a huge risk.
There are three levels of cyber-insurance protection
Third-party
This covers the cost of compensating the third party who suffers data breaches or cyber-attacks due to the insured being at fault. While it’s not liability insurance, it’s similar to traditional liability insurance for businesses, in the sense that your client is protected if your business is at fault.
First party
Essentially this type of policy covers businesses directly and all insured parties for costs caused by cyber-attacks. It’s a bit like fully comprehensive car insurance compared with third party, as your business is covered not just the third party.
Silent
Ironically this type of insurance is not cyber insurance, rather it covers losses which come about as a result of cyber-attacks that are covered by traditional buildings or liability insurance. For example, if your business’s computer system was fitted with malware, which causes a blackout and one of your employees slips and is injured. Then your employee liability insurance, if it did not exclude incidents stemming from cyber-attacks, would pay compensation.
Cyber insurance should cover the following
Data breaches
This covers your business for any expenses arising due to data breaches such as compensating victims for administrative costs associated with communicating with those affected.
Regulatory civil action
This covers regulatory bodies issuing fines due to breaches concerning GDPR – General Data Protection Act.
Extortion
Cyber extortion is sadly becoming more prevalent, especially with unaware employees. The culprits often use phishing attacks – clicking on a link that contains malware, with the result of data being stolen from the insured, with the illegal party then attempting to sell this data back to the policyholder.
Virus liability
If your clients get a virus from your systems and need to be compensated, then your business is covered. This can happen despite anti-virus software and needless to say the damage caused by viruses can be colossal and lead to the loss of millions in revenue and huge legal expenses.
Loss of income
If your computer system suffers a meltdown or your website goes haywire and losses are incurred as long as you can provide proof of the loss of income, then your business will be compensated.
Loss of data
This covers the cost of replacing any lost data due to data breaches, sabotage or viruses as well as many other scenarios. Always check what you are covered for with your insurance provider.
Errors and omissions
Traditionally a form of professional liability insurance protects companies and their employees, primarily in the event of your company misinforming a client. As an example, if you provided a client with incorrect financial advice and they seek compensation then you are covered. In the context of cyber security if this misinformation is due to your software, then your business is covered.
It’s a no brainer
The risks of operating without cyber insurance are almost incalculable. Technology is ubiquitous no matter which industry your business operates. Are you prepared to risk it all?
Need a competitive quote and want to talk to someone who can get you the right cyber insurance policy? Contact us.