Cyber insurance can help organizations get back to business after a cyber attack or a data breach. Cyber insurance is a tailor made policy providing critical cover for liability and expenses you may incur out of an unauthorized use of, or unauthorized access to your computer systems.
The policy has 4 main coverage sections:
Losses to your business – Costs and revenue replacement cover
Loss to others – Sums payable, including regulatory fines, penalties and defense costs
Cyber event response costs – Costs incurred through event response and management services
Contingent Business Interruption – Costs and revenue replacement if external supplier suffers a Cyber Event
Here are some brief examples of typical Cyber Event protection losses that can arise for businesses:
A laptop containing lists of customer and personal contact information is left on the bus. Costs of contacting the customer list and advising them of the situation together with associated costs of appointing a credit monitoring service.
Client designs destroyed in virus attack
Customer designs are compromised after a work colleague opens an email that lets a virus into the network.
The Insurer’s response team helps you mitigate the impact of the virus and stop it infiltrating your system any further.
Removal of the virus from your system, associated costs of mitigating further loss or damage and the costs of restoring data in your system. Revenue impact on your business as a result of the cyber event.
Patient personal information
IT infrastructure has been accessed and a copy of all of your patient records may have been obtained.
The Insurer’s response team appoints a firm to contact your patients and communicate the situation to them. A credit Monitoring service is appointed to ensure that your patients’ financial records can be watched and any issue can be managed appropriately.
The costs of securing your system, contacting your patients and the related Credit monitoring costs.
Unauthorised sale / use of sensitive information
A Customer alleges that a failure of your IT system has led to financial information being obtained and ultimately leading to their credit rating being impacted.
Insurer would appoint a forensics investigator who assists with securing data and implementing appropriate preventative measures.
Credit monitoring facility is established to identify any unusual credit activity.
On investigation, an employee has copied these records and passing them on to a criminal gang who have been committing credit fraud.
Defence costs and payment of award, fine or penalty.
You receive an extortion e-mail. It is clear that if you don’t comply with the demands your business will be impacted.
You and your insurer’s response team determine that this is a genuine threat. The team neutralise the threat to systems to manage their customer delivery cycles. You have been unable to find a temporary your business and no extortion monies are paid. The costs to protect your operations and neutralising the threat.
One of your suppliers suffers a cyber event
A supplier advises you that they have had a significant cyber event and they cannot use computer systems to manage their customer delivery cycles. You have been unable to find a temporary solution for stock supplies. You suffer a downturn in business.
We will pay your impact on business costs as long as your supplier is subject to a Cyber Event as described in your wording.