So, what does Cyber Insurance cover?
Cyber Insurance, for all practical purposes, is the only policy that will respond or cover your firm for losses that relate to a cyber event. Cyber Insurance is a unique policy form, which typically should be purchased as a standalone policy to protect you and your firm from the claims which can arise from a cyber event. (an exception to the “stand-alone” rule is when a technology company purchases Tech Errors & Omissions insurance with Cyber wrapped into that policy).
A cyber event can be any number of situations where outsiders have infiltrated your data network, or insiders (such as employees) have accidentally exposed your company’s private information to others outside of your firm.
Common examples of this can include:
- Hackers gain access to your network via a phishing attack and exfiltrate (steal) data and sell that data on the dark web.
- Hackers gain access to your network and seize control of it via a ransomware attack, demanding a bitcoin ransom in exchange for your data.
- An employee accidentally sends confidential client information via email to an incorrect recipient.
- A laptop containing private data is stolen from you or an employee.
- A hacker infiltrates your network and is able to transfer large sums of money out of your bank accounts.
In any of these examples, several cyber-related issues can arise which will cause a claim under a cyber policy. It may be that mandatory notification procedures have been triggered, or a lawsuit for failure to safeguard private data occurs, or you’ve suffered a loss of data or worse loss of business income. There can be reputational damage, destruction of data or systems, and more. At the end of the day, these will all cost you money. A properly designed cyber policy can protect you and your firm for these types of losses which can occur at any time, for any company.
Hackers find small and medium-sized businesses easy targets since they don’t have the robust IT infrastructure that large Fortune 500 type companies have. Don’t be fooled into believing it can’t happen to you.
Cyber insurance is the backstop when your IT protective systems fail.
In addition to providing an insured monetary relief from cyber claims, many cyber policies provide pre-breach services to help train employees on good computer safety, as well as discounts on protective services such as anti-virus programs. More importantly, are the post-breach response services that insurers provide to help you quickly remediate from a cyber event. Most insurers have 24/7/365 hotlines staffed by experts to help you initiate a response following an event and to get you the experts you need to remediate your claim.
Want to see where you and your organization score on the Cyber Risk spectrum? Follow this link and download our Cyber Scoresheet.