Cyber insurance is a relatively new evolving insurance product that’s main purpose is to protect your business from cyber threats.
Most businesses rely on the internet for a variety of services. Online marketing, administrative functions, inventory management, credit card processing, and distribution controls to name a few. An attack on your business that disrupts these services can lead to brand and reputation damage, regulatory scrutiny, stakeholder dissatisfaction, and financial losses.
A cyber-attack on your business can come in many forms and have devastating effects. It’s not just the large organisations that should consider a policy, recent research by Symantec’s 2016 Internet Security Threat Report indicated that 43 percent of all attacks in 2015 were targeted at small businesses as they are often seen as an easy target.
What’s usually included on a Cyber Risks insurance policy?
Investigation: A forensics investigation is necessary to determine what occurred, how to repair damage and how to prevent the same type of breach from occurring in the future. Investigations may involve the services of a third-party security firm, as well as coordination with law enforcement and the FBI.
Business losses: A cyber insurance policy may include similar items that are covered by an errors & omissions policy (errors due to negligence and other reasons), as well as monetary losses experienced by network downtime, business interruption, data loss recovery and costs involved in managing a crisis, which may involve repairing reputation damage.
Privacy and notification: This includes required data breach notifications to customers and other affected parties, which are mandated by law in many jurisdictions, and credit monitoring for customers whose information was or may have been breached.
Lawsuits and extortion: This includes legal expenses associated with the release of confidential information and intellectual property, legal settlements and regulatory fines. This may also include the costs of cyber extortion, such as from ransomware.