Cyber Risk Insurance Coverage FAQs

WHAT IS CYBER RISK INSURANCE?
Cyber risk insurance is a key part of a cyber security strategy to mitigate first-party and third-party cyber liability risks. The distinction between first-party and third-party cyber risk insurance is relative to who is impacted by the security breach. First-party cyber liability coverage applies to the policyholder’s losses and third-party coverage applies to losses resulting from the policyholder’s actions or omissions.

WHAT ARE SOME EXAMPLES OF FIRST-PARTY CYBER LIABILITY COVERAGE?

  • Forensic investigation to determine if a data breach occurred, its cause and scope of the breach
  • Computer / Data loss replacement or restoration costs
  • Business interruption, income losses and additional service expenses
  • Public relation consultants for appropriate communication to customers /partners /the public and reputation management consulting
  • Victim notification costs, call center and credit monitoring costs
  • Regulatory authority notification costs and fines
  • Electronic theft and fraud protection
  • Cyber extortion demands

WHAT ARE SOME EXAMPLES OF THIRD-PARTY CYBER LIABILITY COVERAGE?
Third-party cyber coverage may insure against legal defense costs and resulting settlements or judgements that can include hiring attorneys, consultants and expert witnesses for civil lawsuits brought by:

  • Customers / Clients
  • Business partners or vendors
  • Shareholders
  • Regulatory or administrative agency investigations and prosecutions

WHAT IS CYBER LIABILITY?
Cyber liability is the risk posed by conducting business over the internet. Any electronic storage or transfer of sensitive information is a cyber liability — whether your sensitive data is stored in the cloud or on a network.

WHAT IS A CYBER SECURITY INCIDENT?
A cyber security incident is any event that threatens the security, confidentiality, integrity, or availability of information assets (electronic or paper), information systems, and/or the networks that deliver the information.

WHAT IS A DATA BREACH?
A data breach is a serious type of security incident in which sensitive, protected and/or confidential data, has potentially been viewed, used or stolen by an unauthorized entity. Data breaches may involve personally identifiable information (PII) such as social security numbers, personal health information (PHI), intellectual property or trade secrets.

WHAT IS THE COST OF A DATA BREACH?
The 2016 Cost of Data Breach Study from the Ponemon Institute reports the average total cost of a data breach for a U.S. company is $7 million. Another key finding is costs due to lost business are greater than those directly related to the data breach. On average, stolen records cost a company $221 per record of which $76 represents direct costs related to technology or legal fees, with $145 of the total allotted to indirect costs such as loss of customer base. Now imagine those costs multiplied by hundreds, thousands, or tens of thousands of impacted parties of the security breach. Many organizations never recover from the financial and reputational damages resulting from a suspected or actual data breach.
Less visible costs can include insurance premium increases, damage to credit rating, business disruption or destruction, loss of business, loss of intellectual property and damaged reputation.

WHAT POTENTIAL CYBER RISKS SHOULD CONCERN ME?
Failure to acknowledge cyber risk puts your current financial situation and your organization’s sustainability in danger. It is imperative to assess and understand all the ways you are vulnerable to cyber incidents and cyberattacks and then make a deliberate effort to mitigate these risks. The scope and severity of cyber risks vary. Security challenges can range from simple human error, to rogue employees, software errors, hacks, lost or stolen hardware, to unauthorized network intrusions and targeted attacks. Findings of the 2016 Ponemon indicates malicious attacks remain the most common cause of data breaches at roughly 50 percent and as such are costlier than cyber risks like human error or system glitches.

WHY DO I NEED CYBER LIABILITY COVERAGE?
As cyber threats continue to expand, cyber liability coverage must be considered as part of your risk management strategy and program. It is vital to manage and maintain your organization’s privacy and network security to mitigate cyber risk and avoid the potentially astronomical and devastating costs of a security incident or data breach.

WHAT DOES CYBER LIABILITY INSURANCE COVER?
A cyber liability policy can be tailored to your individual needs. The risk advisory professionals at Chernoff Diamond believe that organizations must know their risks to effectively manage them. Our risk management consultants provide assistance to identify your cyber vulnerabilities and develop a comprehensive cyber security risk management strategy. Let us help you acquire the coverage you need to protect you from the very real threat of cyber liability.

For more information, visit our Cyber Liability Insurance page or contact one of our Risk Advisors today at: 411risk@chernoffdiamond.com.