Cyber Risk Insurance Coverage FAQs
WHAT IS CYBER RISK LIABILITY INSURANCE?
Cyber risk liability insurance is a key part of a cybersecurity strategy to mitigate first-party and third-party cyber liability risks. The distinction between first-party and third-party cyber risk insurance is relative to who is impacted by the security breach. First-party cyber liability coverage applies to the policyholder’s losses, and third-party coverage applies to losses, resulting from the policyholder’s actions or omissions.
WHAT ARE SOME EXAMPLES OF FIRST-PARTY CYBER LIABILITY COVERAGE?
- Forensic investigation to determine if a data breach occurred, its cause and scope of the breach
- Computer / Data loss replacement or restoration costs
- Business interruption, income losses, and additional service expenses
- Public relation consultants for appropriate communication to customers /partners /the public and reputation management consulting
- Victim notification costs, call center and credit monitoring costs
- Regulatory authority notification costs and fines
- Electronic theft and fraud protection
- Cyber extortion demands
WHAT ARE SOME EXAMPLES OF THIRD-PARTY CYBER LIABILITY COVERAGE?
Third-party cyber coverage may insure against legal defense costs and resulting settlements or judgments that can include hiring attorneys, consultants and expert witnesses for civil lawsuits brought by:
- Customers / Clients
- Business partners or vendors
- Regulatory or administrative agency investigations and prosecutions
WHAT IS CYBER LIABILITY?
Cyber liability is the risk posed by conducting business over the internet. Any electronic storage or transfer of sensitive information is a cyber liability — whether your sensitive data is stored in the cloud or on a network.
WHAT IS A CYBER SECURITY INCIDENT?
A cyber security incident is an event that threatens the security, confidentiality, integrity, or availability of information assets (electronic or paper), information systems, and the networks that deliver the information.
WHAT IS A DATA BREACH?
A data breach is a serious type of security incident in which sensitive, protected and confidential data, has potentially been viewed, used or stolen by an unauthorized entity. Data breaches may involve personally identifiable information (PII) such as social security numbers, personal health information (PHI), intellectual property or trade secrets.
WHAT IS THE COST OF A DATA BREACH?
The 2018 Cost of a Data Breach Study: Global Overview from the Ponemon Institute, found that the average total cost of a data breach, the average cost for each lost or stolen record (per capita cost), and the average size of data breaches have all increased beyond the 2017 report averages, as seen below.
– The average total cost rose from $3.62 to $3.86 million, an increase of 6.4 percent
– The average cost for each lost record rose from $141 to $148, an increase of 4.8 percent
– The average size of the data breaches in this research increased by 2.2 percent
Now imagine the costs for lost records multiplied by hundreds, thousands, or tens of thousands of impacted parties of the security breach. Many organizations never recover from the financial and reputational damages resulting from a suspected or actual data breach. Less visible costs can include insurance premium increases, damage to credit rating, business disruption or destruction, loss of business, loss of intellectual property and damaged reputation. Additionally, the report notes the loss of customer trust has serious financial consequences. Organizations that lost less than one percent of their customers due to a data breach resulted in an average total cost of $2.8 million. If four percent or more was lost, the average total cost was $6 million, a difference of $3.2 million.
WHAT ARE THE POTENTIAL CYBER RISKS THAT SHOULD CONCERN ME?
Failure to acknowledge cyber risk puts your current financial situation and your organization’s sustainability in danger. It is imperative to assess and understand all the ways you are vulnerable to cyber incidents and cyber attacks and then make a deliberate effort to mitigate these risks. The scope and severity of cyber risks vary. Security challenges can range from simple human error to rogue employees, software errors, hacks, lost or stolen hardware, to unauthorized network intrusions and targeted attacks. Findings of the 2016 Ponemon indicates malicious attacks remain the most common cause of data breaches at roughly 50 percent and as such are costlier than cyber risks like a human error or system glitches.
WHY DO I NEED CYBER LIABILITY COVERAGE?
As cyber threats continue to expand, cyber liability coverage must be considered as part of your risk management strategy and program. It is vital to manage and maintain your organization’s privacy and network security to mitigate cyber risk and avoid the potentially astronomical and devastating costs of a security incident or data breach.
WHAT DOES CYBER LIABILITY INSURANCE COVER?
A cyber liability policy can be tailored to your individual needs. The risk advisory professionals at Chernoff Diamond believe that organizations must know their risks to effectually manage them. Our risk management consultants provide assistance to identify your cyber vulnerabilities and develop a comprehensive cybersecurity risk management strategy. Let us help you acquire the coverage you need to protect you from the genuine threat of cyber liability.
Return to the Cyber Liability Insurance page.