How does cyber liability insurance work?

If your company has an online presence or stores information electronically, then the risk of a cyberattack is present. From small businesses to large-scale operations, your approach to prevention and cure should include at least three strategies — stringent cybersecurity practices, processes and technologies; a culture of good digital hygiene; and, in the event of a catastrophic breach, cyber liability insurance. Most know about the first two strategies, but cyber insurance coverage is a new concept for others. 

What is Cyber Liability Insurance?

Cyber liability coverage, also known as data breach liability insurance or data compromise coverage, provides protection following a data breach or other cyber attack. Without cyber liability insurance coverage, an event involving leaked personal information can be a financial and public relations nightmare. That sensitive information can include, but is not limited to, health records, driver’s license numbers, credit card information, tax records, account numbers, employment records, media files and Social Security numbers.

Electing to purchase cyber insurance means having support in the aftermath of a breach. Most policies feature a comprehensive list of first- and third-party coverages, and some allow you to choose the specific coverages that apply to the company’s level of risk. 

First-Party Coverage

First-party cyber liability coverage safeguards against damages to your company as a result of a data breach. Different policies offer different protections, but coverage often requires a deductible and may include: 

• Associated Income and Expense: income losses and expense increases due to an attack.

• Notification Support: process of informing potentially affected individuals and the public about the breach; some policies allow for credit score monitoring and the establishment of a call center.

• Reputation Management: implementation of marketing, public relations and crisis management plans.

• Extortion: threats of and expenses related to a ransomware demand.

• Data Loss and Damage: the recovery, preservation or reconstruction of compromised data; some policies allow for the repair of damaged technology and for the engagement of technical consultants.

Third-Party Coverage

This type of coverage protects your company from claims made against it from third parties, including customers, clients and employees, as a result of a data breach or failure to appropriately respond to it. Third-party coverage may require a self-insured retention (SIR) which, like a deductible, must be completed before the insurance provider will pay. Coverage often pertains to: 

• Regulatory Proceedings: legal fees, fines and expenses associated with a claim or suit brought by a regulatory agency.

• Electronic Media Liability: defamation, libel and slander; domain name or copyright infringement; and invasion of privacy as it relates to electronic media.

• Network Security & Privacy Liability: inadequate protection of sensitive information stored on hardware and in the cloud. 

• Errors & Omissions (E&O): errors, omissions and negligence, as well incomplete work and missed deadlines, that lead to a security breach.

What Isn’t Covered by Cyber Liability Insurance?

Every policy is different and so it’s important to discuss the details surrounding what is — and isn’t — protected. Be mindful that many products do not cover any:

• Cost of development and implementation of tech upgrades following a breach;
• Losses due to business interruption;
• Potential future lost revenue;
• Losses due to phishing scams;
• Losses due to social engineering (tricking people into transferring funds);
• Purchase of replacement property, including hardware, software and other tech;
• Loss of intellectual property or trade secrets;
• Bodily injury or property damage claims;
• Criminal activity, such as employee theft, robbery and fraud;
• Losses due to acts of terrorism or at the hands of nation-state hackers.

How Much Does Cyber Liability Insurance Cost?

The cost of cyber liability insurance coverage varies widely, between $500 and more than $100,000 per year, depending on the needs of your business. Factors that influence your premiums include your industry, the size of your firm, your annual revenue and the amount of financial support you might need following a catastrophic data breach.

Do You Need Cyber Liability Insurance?

If this question has the potential to keep you up at night, let’s talk about your unique situation and your coverage options. The Independent Insurance Associates team is committed to constructing a balanced plan that provides you with coverage you can use, understand and afford.