What is Cyber Insurance?
Cyber–insurance is a product used to protect businesses and individual users from Internet-based risks, and more generally from risks relating to information technology infrastructure and activities such as Blockchain and Crypto Currency.
What is covered in a cyber insurance policy?
Some companies even wonder if cyber risk is insurable. The good news is that yes, cyber risk is insurable. Here’s how cyber insurance works:
Every company faces cyber risk, no matter their size. But the bigger you are, the more areas of vulnerability you have. we identify the most prominent cyber risks as privacy risk, information risk, and operational risk. Generally, cyber insurance is designed to protect your company from these primary risks through five distinct insuring agreements: network security, privacy, interruption to your business, media liability, and errors and omissions.
Cyber insurance typically covers expenses related to first parties as well as claims by third parties.
First-party coverage – Covers damages you and your business suffer because of a data breach. This can include things like investigative services, business interruption coverage and data recovery.
Third-party coverage – Covers damages if your customers or partners are affected by a cyber attack on your business. This can include legal fees, settlement costs, security failure and media liabilities.
How much coverage you need depends on your business’s specific risk. Many small businesses need higher limits that are typically only available on stand-alone policies. Small cyber risk policies can usually be added to a BOP (business owners policy).
Although there is no standard for underwriting these policies, the following are common reimbursable expenses:
- Investigation: A forensics investigation is necessary to determine what occurred, how to repair damage and how to prevent the same type of breach from occurring in the future. Investigations may involve the services of a third-party security firm, as well as coordination with law enforcement and the FBI.
- Business losses: A cyber insurance policy may include similar items that are covered by an errors & omissions policy (errors due to negligence and other reasons), as well as monetary losses experienced by network downtime, business interruption, data loss recovery and costs involved in managing a crisis, which may involve repairing reputation damage.
- Privacy and notification: This includes required data breach notifications to customers and other affected parties, which are mandated by law in many jurisdictions, and credit monitoring for customers whose information was or may have been breached.
- Lawsuits and extortion: This includes legal expenses associated with the release of confidential information and intellectual property, legal settlements and regulatory fines. This may also include the costs of cyber extortion, such as from ransomware.
Keep in mind that cyber insurance is still evolving. Cyber risks change frequently, and organizations tend not to report the full impact of breaches in order to avoid negative publicity and damage the trust of customers. Thus, underwriters have limited data on which to determine the financial impact of attacks.
What is Tech Errors and Omissions Insurance (Tech E&O)
Tech E&O is a type of insurance designed to cover providers of technology services or products. For example, data storage companies and website designers provide technology services, while computer software and computer manufacturers offer technology products.
Tech E&O policies cover both liability and property loss exposures. Major liability insuring agreements include losses resulting from: (1) technology services, (2) technology products, (3) media content, and (4) network security breaches. Key property insuring agreements provide coverage for extortion threats, crisis management expense, and business interruption.
Tech E&O insurance is often confused with cyber and privacy insurance. In contrast to tech E&O coverage, cyber and privacy insurance is intended to protect consumers of technology products and services. Nevertheless, cyber and privacy insurance policies do offer a number of the same insuring agreements as tech E&O policies.
Chance Sowers | AFIS.
Chance@metzgerinsuranceagency.com 1 (614) 301 – 4442