Cyber Liability Insurance for Your Business

Posted August 31, 2011 Company News

It seems like every day there is a story in the news of a large company being “hacked” by Cyber thieves. We have all read about the Sony, Bank of America and TJ Maxx incidents. These companies all have trained personnel and strong balance sheets to handle the financial and reputational risk exposures that come with these events.

However, mid-sized and small businesses do not have these luxuries. They should be considering buying Cyber Insurance coverage. The reason as noted, in a recent Property & Casualty Underwriter article, is that virtually every modern enterprise lives and breathes on its information technology applications, databases, and computer systems. When IT goes down, business screeches to a halt.[1]

This IT reliance creates risks that are not addressed in standard property and casualty coverages. The good news is that there are a growing number of insurers offering cyber and privacy insurance contracts. These policies can be seamlessly integrated into your current risk management program to address what could be a potentially crippling cyber liability claim. The remainder of this article is dedicated to the intricacies of the cyber liability insurance and why it is relevant to your business.

 

How Does Cyber Liability Insurance Work?

A cyber liability policy usually provides two types of coverages: Third-party and First-party. Third-party coverages may cover claims arising out of:

  • Unlawful disclosure of a third-party’s information, including invasion of privacy suits
  • Infringement of intellectual property rights
  • Tortious disclosures regarding products or services, defamation, and libel
  • System failures or interruptions afflicting your customer’s or another third party’s systems

In addition to these external protections, First-party coverage may provide internal crime expense coverage, including losses resulting from:

  • Privacy monitoring services for your customers, for example credit check services
  • E-business interruption
  • E-theft
  • Public relations and crisis management expenses
  • Corrupted hardware and software expenses

 

Doesn’t My Business Already Have Coverage To Safeguard Against These Losses?

The short answer is no; however, consider these coverages:

General Liability – only provides protection for bodily injury or property damage sustained by tangible objects or people. Moreover, general liability policies usually exclude the loss of electronic equipment. This may not only place your data and electronic confidential and proprietary information at risk for loss, but also your valuable electronic equipment which stores such information.

Personal & Advertising – is tied to the type of media which is injurious, not the information, data, or other at-risk content. Furthermore, these policies almost exclusively apply only to written or print media. This leaves no coverage under a personal & advertising Injury policy for liability due to the transmission of electronically stored information on an electronic platform.

Property – only provides coverage to physical damage of tangible property.

Crime (Employee Dishonesty) – will not extend coverage to crime or hacking performed by outsiders and also generally excludes the theft of information. This provides no protection against third-parties who compromise your data or your entire system.

 

If You Think These Coverage Gaps Don’t Apply To Your Business, Then Consider These Reasons To Consider Cyber Liability Coverage:

Dual Exposure – A company is constantly at-risk not only from internet hackers who may be located at your local coffee shop or half way around the world, but even the most advanced and comprehensive network security software cannot stop an insider from appropriating confidential information.

Portability – How much information is stored on your company’s fleet of laptops, PDAs cell phones, and USB drives? These mobile devices are easy targets for either data breach or outright theft of information.

Regulation and Legal Action – In a legislative framework which already includes the Health Insurance Portability and Accountability Act (HIPAA), the Fair Credit Reporting Act (FCRA), and the new Identity Theft Enforcement and Restitution Act (I-TERA), the penalties and lawsuits arising from data breaches are only going to increase.

Human Error – Even the most meticulous of individuals are still prone to making mistakes when it comes to data and technology. How confident are you:

  1. That personal information will always be protected?
  2. Confidential records will be destroyed and not just carelessly thrown in the trash?
  3. That information will not fall into the wrong hands?

 

Additional Information

To obtain more information concerning cyber liability insurance, follow the links below, or contact a Henderson Brothers’ Representative at [email protected].

 

References:

A Framework for Using Insurance for Cyber-Risk Management

http://www.cc.gatech.edu/classes/AY2008/cs4235b_fall/Group3/FrameworkUsingCyberInsurance.pdf

Data Breach Calculator

http://databreachcalculator.com.sapin.arvixe.com/



[1] Grimes, Rick, and Karen Kutger. Cyber Coverage: The New ‘Must-Have’ In The Property & Casualty Portfolio? March 15, 2010. http://www.propertycasualty360.com/2010/03/15/cyber-coverage-the-new-must-have-in-the-property

 

 


Please note that the information contained in this document is designed to provide authoritative and accurate information, in regard to the subject matter covered. However, it is not provided as legal or tax advice and no representation is made as to the sufficiency for your specific company’s needs. This document should be reviewed by your legal counsel or tax consultant before use.