How can you use cyber liability insurance to manage risks related to a data breach and reduce the significant costs that can result from them?
Following the recent ransomware attacks on the NHS as well as many other high profile companies in over 150 countries, the emphasis has been placed on risks that all businesses using computer systems now face.
A recent study of 3,000 companies in the UK, US and Germany revealed more than half (53%) of businesses in the three countries are ill-prepared to deal with cyber attacks.* Insurance has long been used by organisations as part of risk management and disaster recovery plans, however many businesses unintentionally assume that an attack will be covered by their commercial combined insurance. This is very often not the case.
Today, it is a common misconception that hackers are only likely to attack large, high-profile organisations, with many smaller businesses unaware of the high risk data breaches at their establishment. According to the 2015 Information Security Breaches Survey 74% of small businesses had a security breach over the previous year, with the average breach costing small businesses £75k.
As organisations become ever more reliant on technology, the risk of suffering a loss related to problems with computer systems or holding sensitive customer data continues to grow. When it comes to cyber risk, insurance is more important than ever with attacks and security breaches increasing in frequency and sophistication.
What is Cyber Liability Insurance?
Cyber Liability Insurance is designed to support and protect your business if it experiences a data breach, and covers the losses relating to damage to, or loss of, information from IT systems and networks. It’s important for you to manage your cyber risks as a business and be aware of where you may be vulnerable by:
- Evaluating first and third party risks associated with the IT systems and networks in your business
- Assessing the potential events that could cause first or third party risks to materialise
- Analysing the controls that are currently in place and whether they need further improvement
Why does my company need Cyber Liability Insurance?
- Hold sensitive customer details such as names, addresses, banking information?
- Use IT systems and websites to conduct business?
- Process payment card information as a matter of course?
Then you are at risk of a data breach. Any organisation that relies upon data, handles sensitive or confidential information, communicates or controls systems and processes electronically should consider protecting their business with cyber liability insurance.
When criminals get access to a company database of information, they become privy to a vast array of sensitive customer and business data, which they can then use to open and access accounts, take money and destroy the affected individual’s credit.
What does Cyber Liability Insurance cover?
Policies generally include significant assistance with and management of the data breach itself, which can be essential when faced with reputation damage or regulatory enforcement. Having a good Cyber Liability policy can cover:
- Data breach / privacy crisis management cover: For example, expenses related to the management of an incident, the investigation, the remediation, data/customer notification, credit checking for data subjects, legal costs, court attendance and regulatory fines, business interruption, loss, damage or distortion of data (own or third party).
- Multimedia / media liability cover: Third party damages covered can include specific defacement of website and intellectual property rights infringement.
- Extortion liability cover: Typically this covers losses due to a threat of extortion where third parties threaten to damage or release data if money is not paid to them.
- Network security liability: Third party damage as a result of denial of access, costs related to data on third-party suppliers and costs related to the theft of data on third party systems.
- Crisis management and PR support: Reputational damage, including social media and PR embarrassments, arising from a breach of data that results in the loss of intellectual property or of customers.
Cyber Insurance should be seen as an integrated risk management approach to dealing with Cyber Risks. Not all cyber policies are the same and it is critical to ensure that you have the most effective cover in place to respond to a Cyber incident.
Contact a member of our team today on the number below to discuss your cyber requirements OR email us at firstname.lastname@example.org
*Hiscox Cyber Readiness Report 2017Share