Cyber Insurance protects both individuals and business from the devastating financial consequences of a cyber attack. Cyber risk is increasing due the massive explosion in IT Data. The resultant data breaches are now becoming a regular event and a cyber insurance policy will protect you against Cyber liability and other costs.
The increase in the volume of IT Data known as Digital Assets and the communication over the internet we have had in the past twenty years has been extraordinary. This is good, but the risks entailed with all this communication and digital data is sometimes not fully appreciated.
Both business and personal information is close to the most important asset of a business or individual as it shows a roadmap of your business or life. Data provides details of what you do, how you do things, your customers or suppliers information, and your own personal and friends lives.
We keep all this data in our computer, laptop, mobile phone or in the cloud.
To gain an initial better and quick understanding of Cyber insurance, watch this video below.
The financial costs of losing control on your data through either malicious or accidental actions include:
Cyber coverage is evolving as a relatively new type of insurance and has been called different terms such as:
Our preference is to simple call this Cyber insurance as the exposures from Cyber encompass First Party, Third Party, and Loss of Income exposures and the risk itself should be looked at in totality.
Cyber insurance coverage provides coverage for your own First Party costs, resultant Business Interruption loss of income, and Third Party liability and Regulatory costs and fines.
First Party cyber insurance protects you as a result of a data breach. This includes immediate guidance on how to respond to a Data Breach.
Cyber insurance policies provide 24/7 assistance to you. Both your own internal or appointed IT consultant and the insurer’s IT Cyber Security expert can act immediately knowing that your costs relating to the incident are insured.
These costs can include:
Loss of income as a result of a Cyber attack is a major reason why Cyber insurance should be taken. Business interruption and extra expenses covers your lost income, investigation and mitigation expenses.
Depending on the nature of the breach, lost productivity can also occur due to your IT being pulled off one of your existing projects to help identify the source of a breach and assisting in fix it.
Businesses are responsible for the data they hold and maintain. If the data of others, being Third Parties, is affected the business can find itself under pressure from both clients, suppliers and government agencies.
Third Party Cyber protects businesses from legal damages and costs associated with a Cyber incident. These costs can be for:
In short, they do not provide Cyber cover.
Due to the nature of a Cyber or Data loss, other insurance policies you normally have such as Business, Liability, Breakdown, Directors and Officers (Management Liability) and Crime do not provide this cover. Cyber risks are covered by a Cyber policy, and not covered by your other traditional insurance policies.
Explanations as to why your traditional policies do not provide this coverage are provided here.
Business policies restrict coverage to Damage and/or Loss of use of tangible physical property resulting from an insured peril. If an insured peril has occurred, this allows the business to also claim for loss of income. Typical insured perils are Fire, Storm, Malicious Damage or Theft.
As a Cyber Attack relates to damage or loss of Electronic Data and not physical contents or stock, a business insurance property policy does not provide Cyber cover.
A very standard exclusion in a Business policy reads that the insurer will not be liable for any loss or liability arising out of:
Liability policies require either a Property Damage or Personal injury incident to occur to a Third Party. A Cyber Attack by its very nature will not involve actual Property Damage of physical contents or stock or Bodily Injury. Another issue is that Liability insurers have applied Data exclusions that exclude coverage arising from a Cyber event.
Equipment polices do have optional extensions called Reinstatement of Data. This relates to Loss of Data as a result of events such as Fire, Damage or Breakdown, and Computer Virus. A Cyber incident would not be covered.
Standard crime policies require direct loss through employees stealing monies or tangible property. As data is separate to this, a standard crime policy does not provide this cover.
Management Liability policies provide protection to directors and management for their business decisions in the operation of a business. These policies will also contain data security breach exclusions.
Professional provides cover for a business providing a service as per your business description, for a fee, and a wrongful act occurring. Unless you were a consultant who is giving advice relating to Data Security and your advice was found to be negligent, then a Professional.
Australia has just concluded our first class action judgement relating to Cyber Risk. In December, 2019, a Cyber class action was settled for $ 275,000 between NSW Ambulance and all of their 130 employees and contractors with details of this incident provided below.
It is important to realise that your Directors and Officers Liability policy does not cover Cyber risk, and you do need a separate Cyber policy.
To gain some perspective on the impending issues that will be faced by boards of Australian companies in the near future we refer to the Equifax data breach. This was settled in January, 2020, with the company to spend up to USD 500 million in payments to class members. Additional costs already were USD 1 billion to improve data security, plus credit monitoring retail costs of USD 5 billion.
You can obtain Cyber insurance under a good Home insurance policy with Identity Theft coverage. Identity Theft is when your identity is stolen and then used for criminal purposes.
In the past, people would steal your identity from your postal box. Now they do this on-line through the internet. Identity Theft is a common issue arising from Data breaches for individuals
To assist in determining if your identity may be at risk of been stolen, we recommend you insert one of your passwords into the following reputable Troy Hunt site - www.haveibeenpwned.com . If your password is located, then someone in the Dark Web may have access to your password and is either most likely using it or will try to use it. We then strongly suggest you change your password(s) immediately and review some password generation software to assist.
Some better home policies do provide cover for Identity Theft (or personal Cyber) cover and depending upon the policy you can be insured for:
One of the initial steps to take to reduce your Cyber risk is through taking a Cyber policy.
By having a Cyber policy in place, in the event of an incident, you can take advice from expert Cyber Security consultants who will work with your IT person or team to take control.
We are Cyber insurance broker experts, and can provide a competitive quotation for this cover. Please contact us for a no-obligation quotation.