What does a Cyber Insurance Policy Cover?

Cyber Insurance Coverage

Cyber insurance is mainly designed to help a business or organization, often a small business or non-profit, deal with the effects of a data breach or other type of cyber crime.

This can result from an attack on the businesses IT systems and networks, either by an external individual or organization, through employee participation in the crime, or simply through employee error

A cyber insurance policy will provide coverage in two main areas. There will be a financial indemnity limit included in the policy, and immediate help with the practical management of the cyber security attack or incident.

Cyber insurance coverage is also often referred to by different names such as :

  • Cyber liability insurance coverage
  • Cyber security insurance coverage
  • Cyber crime insurance coverage
  • Cyber risk insurance coverage
  • Professional liability insurance cyber coverage
  • Cyber fraud insurance coverage

Businesses and companies may have other types of insurance policy, such as E and O  insurance, which may have provisions that need to be taken into account when deciding the level of cyber insurance coverage that is needed.

Cyber Insurance Indemnity

All types of insurance policies are effectively indemnity policies. This means that they provide compensation to the company or business for losses that they have incurred.

Cyber insurance is designed to cover financial losses occurring as a result of a cyber event.

These normally include losses where money has been stolen, where data or information has been stolen or corrupted and where there has been a loss of what are known as digital assets.

Cyber insurance can also include financial cover relating to most type of costs related to management of the cyber incident or event, including compensation payments to third parties.

Cyber insurance coverage may also extend to ransomware payments, although this is still a slightly unknown area. Any payment relating to ransomware should always be agreed with the insurance company first before payment is made.

cyber insurance

Cyber Insurance Coverage – Incident Response Team

One of the main features of most cyber insurance policies is that they will either provide access to an Incident Response Team, or pay the costs of bringing you one in to deal with the management of the Cyber incident itself.

An incident response team is crucial to managing and getting through the cyber incident.

Their role will be to oversee the following :

  • Cause – Establish the cause of the data breach, and take Immediate action to secure the integrity of all the IT systems, hardware and software and all endpoint devices.  This will need to be done by data breach investigators who are normally highly qualified cyber security engineers.
  • Regulatory involvement –  All relevant regulatory bodies need to be notified as soon as possible of these cyber incident, with details of how it occurred and who is affected by it as soon as that information is available. They will quite often be legal obligations regarding this that need to be adhere to.
  • Legal team –  as ever need to be lawyers involved right from the outset, not just oversee regulatory involvement but to make sure that a legal framework is in place for overseeing all areas of the management and settlement of the claim.
  • Credit monitoring –  this is a service normally offer to any individual who may have had their data or information stolen as a result of the cyber incident and you may be at risk of some type of identity theft crime.
  • Ransomware payment – there are different views as to other a ransomware payment should be made or not, and then needs to be an open discussion between the insurance company and the business to decide what to do. It may be necessary to involve more enforcement depending upon the scale and type of cyber attack.
  • Reputational damage – any cyber incident can have a negative effect on the reputation of a company, and directly or indirectly on employees and customers. Sometime of PR cover is needed to try and keep this damage to a minimum.
  • Cyber security awareness and training

Most of the major insurance companies and Lloyd’s syndicates provide access to a number of online resources to help in this area, once an insurance policy has been taken out.

The insurance company / LLoyd’s are likely to have a number of portals that provide resources for the business to make their operations safer.

Hiscox for example, provide access to what they call a risk academy, which includes access to training, mainly e-learning courses, documents such as risk assessments and health and safety policies and access to a team of cyber security experts who can help with specific queries.

cyber insurance

Cyber Insurance Coverage – Business Interruption

Aside from financial losses incurred as a result of a cyber Incident or crime, the company or business may well suffer some type of business interruption loss, where they lose money or customers as a result of not being able to function normally as a business.

The Cyber insurance policy is likely to provide some type of cover for this scenario, although it can sometimes be a difficult area to quantify.

It is however really important from the business or companies point of view to have this type of cover in place as it provides some type of safety net  for however long it may take to secure the integrity of the systems, bring in data backups and get back to some type of normality.

Cyber Insurance Exclusions

As with any type of insurance policy it is always important to know, what is not covered as well as what he is.

Cyber insurance policies will differ, sometimes significantly between each other so it is important to check the specifics either ideally before a policy is taken out.

It should be possible to obtain a specimen policy from the company or broker, or if not they should be able to answer specific questions as to exclusions.

Some other most common types of exclusion include:

  • Legal jurisdiction – many companies operate internationally, and under different legal systems, so it is important to establish the jurisdiction, from a legal point of view, of where the policy can be determined if there are any disputes that need to be settled in a court of law.
  • Casualty / Property –  most businesses will have some type of insurance that cover what is known as Casualty and Property claims, or Bodily Injury and Property Damage. A cyber insurance policy is likely to exclude claims that could be covered under these types of insurance policies.
  • State Sponsored Crime – this comes under different guises but most cyber insurance policies  are likely to exclude claims where the incident has been initiated by a country or by an agency of any country, or thought of as an act of war in some way.