What is Cyber Liability Insurance? Is It Worth It?

There was a time when bad business decisions, unpredictable markets, fires, floods and robberies were the kinds of things that caused businesses to incur losses. But our ever-expanding cyber universe has opened the door to cybercrime, and now companies can go under from a severe cyberattack. In step with this increasing vulnerability, insurance companies now offer policies to protect businesses from such attacks. Cyber Liability Insurance reimburses businesses for financial losses resulting from data breaches and other cyber events.

What Does Cyber Insurance Cover?

As with most insurance policies, the coverage and costs vary between insurance companies. There are two basic types of coverage:

First-Party Coverage – Pays out-of-pocket expenses that a company directly incurs as the result of a cyberattack.

Third-Party Coverage – Covers damages or settlements a business must pay related to lawsuits resulting from its actions or inactions after a data breach.

Like most insurance policies, the choices vary in the range of coverage, policy limits, optional riders and deductibles.

First-Party Coverage

Here are some typical First-party coverages you will find in a cyber liability policy:

• Loss of Income – In addition to the loss of income sustained by a business from having to shut down from a covered cyber event, the policy will also cover additional expenses incurred by the company to restore its regular operations fully.
• Data Restoration – This coverage will pay for the cost to replace or restore data, software damaged by a cyberattack and generally covers a wide array of potential cyber perils, including direct hacker attacks, viruses, malware, etc.
• Ransomware Attacks and Extortion – If a ransom is paid to a cybercriminal holding your system hostage, the insurance company will work with the insured business and, in some cases, even hire a ransom negotiating specialist to assist.
• Notifications – Any expenses related to notifying all parties affected by the cyberattack will be reimbursed by the insurance provider. In most states, it is a law that businesses must inform individuals when there is the possibility that their data has been breached. These notifications are of particular importance to high-compliance, small to midsized businesses such as law firms and medical practices. Some insurers also offer extra services such as ongoing credit monitoring for a set period.
• Crisis Management – Many cyber liability policies afford crisis management services to help the business navigate all the issues to be addressed. These could include forensic accountants, attorneys and computer specialists. When appropriate, public relations experts might be employed to help mitigate the PR damage caused by a cyberattack.

Lawsuits and Other Post-Cyberattack Claims

Most cyber liability policies include coverages for claims made by third parties. The coverage generally includes reimbursement for any costs related to legal defense and settlements with third-party claimants. There are three basic categories of claims that typically will be covered:

• Network Security and Privacy Breaches – These are related to claims of negligence in cyber security and privacy invasion. The cyber policy will indemnify the business and cover the cost of these claims.
• Regulatory Proceedings – Fines and regulatory penalty fees imposed by governing agencies. The cost of an attorney is also covered.
• Electronic Media Liability – These legal claims are in the areas of slander, libel, invasion of privacy, copyright or domain infringement from the publishing of electronic data breached by the cyberattacker.

What Does Cyber Insurance Not Cover?

The good news is that the list of cyber events that are covered is long. The list of things not covered is short and, frankly, reasonable. Here are some typical liability exclusions:

• Property Damage and Bodily Injury
• Contractual Liabilities
• Illegal Acts Perpetrated by the Insured
• Acts of War and Terrorism
• Power Failures
• Actions Committed Before the Cyberattack

The FBI www.fbi.gov has reported a 400% increase in cyberattacks on small to midsized businesses since the start of the pandemic. The best insurance against a cyberattack is never to have one. If you have not yet fallen victim to a cybercrime, you should act now to take the necessary steps to protect your data. You might be using some protective measures already. But as cybercrime is on the rise and your business grows and adds more devices such as smart controls, wireless access and remote access, your network surface attack area for hackers grows, too. It is essential to hire experts to provide a Cyber Risk Analysis of all of your systems and networks.

DIGIGUARD Cyber Security Knows How to Best Protect Your Business Data

DIGIGUARD, which specializes in preventing cyber threats, has a wide array of solutions to protect against cybercrimes. It works with small and midsized businesses to establish cyber security best practices to ensure their confidential data has the best protection possible and that all users are on the same page. Many companies bound by strict compliance and privacy laws such as law firms, medical practices and financial service institutions cannot afford data breaches of any kind. For any business, cyberattacks can have devastating consequences. DIGIGUARD can assess your cyber risks and work with you to ensure you have the best protection solution for your business.

Call DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) and visit www.DIGIGUARDsecurity.com to increase your level of cyber security and protect your company’s and clients’ data.