Some companies have a greater exposure to losses that are covered by this policy, but if your company uses computers, you should have Cyber Insurance.
The biggest problem is that General Liability Policies are not built to cover Cyber related claims and in most cases are specifically excluded.
The most common reasoning for having a Cyber Insurance Policy is the concern over a third party gaining access to computer systems, and in terms of records being exposed, Hackers, Viruses, and Malware are the most common events that contribute to a loss. According to NetDiligence 2017 Cyber Claims Study, Hacking and Malware accounted for 99% of all records exposed.
So are Hacking, Malware and Viruses the only thing that we need to be worried about when looking at Cyber Insurance? These are only a small portion of what a Cyber Insurance Policy helps cover. Some of the common business exposures that a Cyber Insurance Policy can cover include:
Damage to your System: Damage to a business’s system, data, software, etc.
Privacy Liability: Personally Identifiable Information including Health Information and Payment Information.
Third Party Liability: Liability to others if a virus or malware originate in your system or if they pass through your system to someone else's system.
Business Interruption: Net income that would have been gained during the time that you were unable to operate because of a Cyber Event. Extra Expenses incurred to keep your business running during this time.
Reputational Harm: Remediation to help lessen the effect of a breach and the reduction in earnings.
Notification Costs: Costs to notify your customers and vendors of the breach.
Forensic and Investigation Costs: Coverage for costs to find how the breach occurred and the scope of the breach.
Regulatory Action Against Your Business: Fines and Penalties from regulatory bodies can be the most expensive part of dealing with a breach.
Fraudulent Financial Transactions: Unauthorized use of credit cards, checks, or unauthorized wire transfers through electronic means.
Cyber Extortion: When a business’s data is encrypted by a hacker and payment is demanded for the key to unencrypt the data (Denial of Service or DOS).
Online Liability and Advertising Injury: Claims of trademark or copyright infringement, defamation, etc. from online, multimedia means.
When it comes to Cyber Insurance Policies there are other areas of coverage based on your business’s needs, but these represent the main points that can be addressed by Cyber Insurance Policies.
When dealing with Cyber Insurance Policies, there is no standard format. The Coverages outlined above may go by a different name depending on what carrier you are looking at. An in depth understanding of both the types of coverages needed and the business to be insured are required by the insurance agent. Without a good agent, there can be big gaps in the coverage, reducing the effectiveness of the policy.
As always, consult a competent licensed agent to discuss your business needs before making a decision on any insurance policy.