Cyber Security Liability – Do You Need Coverage?
It seems like every week there is an announcement of a new data breach. With the increased risk of identity theft due to security breaches, consumers are looking for ways to protect their data. Businesses who are vulnerable to a network or data breach are seeking coverage to protect their business from loss resulting from cyber attacks, including viruses or malware.
What is Cyber Liability Insurance?
Cyber liability, which can also be called cyber and privacy insurance, is designed to cover liability as well as property losses stemming from a data breach or cyber-attack. Data breaches can be profile information of customer accounts including names, addresses and telephone numbers, personal identification information such as social security numbers or financial information such as bank and credit card information. This coverage can help keep your business secure from the expanding risk of being exposed to a data or privacy breach.
Cyber liability policies can cover both first party and third party liability claims. Some of the types of coverage provided with Cyber Security Liability Insurance are:
Errors and Omissions coverage is a necessary coverage for any company that provides technology-related services. This will cover claims that stem from errors in the services provided by your company. E&O is a third party claim.
Privacy liability is related to a privacy or data breach. Privacy breaches can be due to human error, unauthorized access due to hacker activity, carelessness of physical records, or actions of a disgruntled or rogue employee. Examples of physical records breach can include the following: a stolen or lost laptops or computers, files with sensitive data disposed of in an improper manner, or a mistake that sent information to the wrong person, such a file with client data sent via email. Privacy liability will also cover wrongful collection of information.
Extortion Liability relates to losses that are caused by extortion or the threat of extortion, including professional fees to handle the extortion threat.
Media (multimedia) liability includes infringement of intellectual property rights, libel and slander, and website defacement. This is a third party claim.
Network Security Liability for first-party claims is when your network security has failed and has resulted in a destruction of data, a data breach of consumer information, cyber extortion, and damage due to a virus or malware. A successful attack on your network can shut it down and prevent business from being transacted, which is especially damaging for a business that relies on heavy internet sales or web-based services.
Claims can also include damages that result from costs related to data with third party suppliers, costs related to the theft of data stored on third-party systems and costs and damages related to denial of access.
Costs Associated with a Data Breach or Network Security Failure
Without coverage, a business will be paying all costs out of pocket. Just responding and investigating a network breach can be upwards of $40,000. Many small businesses cannot shoulder the burden of these costs in the event of a claim. Cyber Liability policies will protect your business from the high cost of expenses to manage and control a breach of security or privacy.
These expenses can include costs for investigation, notifying clients and customers of the breach by mail or email (notification is mandatory in most states and failing to do so will result in fines and penalties), remediation costs, expenses relating to public relations, any regulatory fines and penalties, court costs, credit monitoring costs (offered to clients after a breach), loss of profits (business interruption), damages, settlements and judgments.
Do we need cyber liability coverage?
If you are a business that holds customer data, especially personally identifiable data or financial data, then you need cybersecurity liability coverage. Financial institutions and retailers are particularly vulnerable to data breaches. Many small to medium size companies think that they are not targets and do not seek coverage. However, cyber-attacks can and do, happen to businesses of all sizes and across numerous industries. If you handle financial or personal identification information, then your business should have cyber liability coverage.
These attacks can cost thousands to recover data and render computer systems safe and secure. Additionally, there is likely a loss of business income due to business interruption. Not only are you vulnerable to loss of income from your own operations stemming from a cyber-attack on your own computers but, if one of your major suppliers has been the victim of a cyber-attack, it can affect your supply chain, causing your business to suffer a loss of income. These are costs that most businesses cannot absorb on their own.
Coverage can be tailored depending on your business and what costs and expenses you are most likely to incur in the event of a data breach. Small companies will need less extensive coverage while larger companies that handle large amounts of client data and transactions will need more complex coverage.
We will work with you to identify your risk factors and get you coverage for only what you need. Many of our carriers not only offer coverage, but also support and resources.