Cyber liability insurance covers financial losses that result from data breaches and other cyber events. Most policies include both first-party and third-party coverages. First-party coverages apply to losses sustained by your company directly. An example is a damage to your company’s electronic data files caused by a hacker. Third-party coverages apply to claims against your firm by people who have been injured as a result of your actions or failure to act. For instance, a client sues you for negligence after his personal data is stolen from your computer system and released online. Cyber policies vary widely but there are some common coverage points we will go over.
First Party Covers
Breach Response Covers
• Privacy Breach Notification including access to specialist firms
• Public Relations Cover
• Data Restoration
• Cyber Extortion
• Rewards
Cyber-crime Covers
• Computer Fraud
• Funds Transfer Fraud
• Telecommunications Fraud
• Social Engineering
Business Loss Covers
• Damage to Computer Systems
• Business Interruption
• Unspecified Suppliers
• IT Provider
• Outsource Provider
• Court Attendance Costs
• Incompatibility of Computer Systems
Third Party Covers
• Privacy & Security Liability
• Cover for liability to a third party arising out of a data breach
• Media Liability
• Cover for copyright infringement, plagiarism, defamation, libel & slander (in electronic content)
• Regulatory Proceedings
• Cover in response to governmental claims in relation to privacy or security liability
• Payment Card Expenses
• Cover for Payment Card Industry (PCI) fines and penalties following breach in payment card information
Crypto-Jacking Attack example
An employee at a firm of solicitors opened an email attachment that installed a form of malware that allowed a fraudster to use the firm’s computer system to mine virtual currency (“crypto-jacking”). The malware ran the firm’s computer system near full capacity for an extended period of time, causing one of the servers to overheat, damaging the motherboard. The firm had to replace the motherboard in the server at a cost of €6,000. In addition, the firm’s routers did not immediately work with the upgraded hardware, requiring the firm to hire an IT specialist at a cost of €2,500 to reconfigure the systems to work together. On top of that, the firm was unable to perform online legal research while its systems were down, causing a net income loss of €35,000.
Covers Triggered:
• Damage to Computer Systems
• Incompatibility of Computer Systems
• Business Interruption
