What is Cyber Insurance and why it matters?
What is Cyber Insurance?
Navigating through the internet should be a seamless experience. The world wide web has the capacity to nourish us all with knowledge, goods, and culture. Sadly, much like the real world, it is not necessarily peaceful all the time. Rather, the internet is filled with dangers. Specially if you work in health, finance, insurance, or any other industry that relies on data and the protection of said data.
As well as the physical risks your business can face, I.e., property damage or worker’s compensation there are risks that come from using technology. Cyber risks typically refer to data breaches, ransomed files, hijacked computers, leaks of confidential information and so on.
Data is the wider term to identify information that can be categorized in two broad groups:
- Personal identifiable information (PII): which allocates a person into a group of people. For example: “consumer of this product”
- Personal health information (PHI): That refers directly to a person and can be used for insurance and health coverage for example.
Both types are what is called confidential the latter much more so than the former. Ideally however, no data should be compromised. Cyber insurance kicks in when a breach has already occurred.
That is why focus should be put into obtaining and managing both a company’s internal cyber security policy while investing in a comprehensive cyber insurance policy. It is known that even the most secure organizations in the world have had issues with hackers and security at some point. Cyber insurance coverages can help if a computer gets a virus and sensitive data ends up getting exposed or clients sue after your business loses PII or PHI. But is the threat exaggerated?
How much could an attack cost?
Ranging from the loss of data to expenses related to attacks, cyber liability includes a broad amount of incidents which can mean the difference between being able to continue operations or ending up bankrupt in the most severe cases:
- System recovery: The cost of repairing of replacing computers. It can also go cover costs resulting from the loss of data and protect you in case you lose income if you are unable to work because of the attack.
- Notification expenses: Required in several states these are the costs you incur after an attack has happened. You are obligated to notify the customers, and this can very costly if you have a large database.
- Regulatory fines: Can be incurred in cases where you were not compliant at the time of the attack and the losses happen as a result.
- Class action lawsuits: More likely in the case of a large-scale data breaches. Lawsuits are usually filed on behalf of customers whose data and privacy were compromised.
So, if you think about it, what you should be asking is:
What does cyber liability insurance cover and what does it not cover?
Briefly, cyber insurance covers:
- Loss or corruption of data.
- Business interruption.
- Multiple types of liability.
- Identity theft.
- Cyber extortion.
- Reputation recovery.
Things not Covered by Cyber Liability Insurance include:
- Damages to tangibles such as bodily injury or property damage claims
- Criminal activity related to these tangibles, for example, fraud, robbery, employee theft.
Overall, cyber insurance is important, considering an attack could end up setting you back and really damage your business.
If you want to know more about cyber insurance, stick around we are going to do a whole series on the subject: You can access part 2 here. Just as we did with Insurance Fraud, it is a topic with many points to cover. So, come back to Terraclaim and get the latest news and analysis on the world of insurance.