CYBER INSURANCE
In an increasingly connected world , no organization is immune from cyber-attacks . Whether they come sooner or later , you can be assured that they will come at some point . In the cybersecurity community , they talk about two kinds of businesses : those that have been breached and those that don ’ t realize they have been breached .
With more and more companies experiencing data breaches , the market for cyber insurance has grown exponentially in recent years . Unfortunately , cyber insurance is not as straightforward as many other types of insurance . Fortunately , that means it can be tailored to your company and you won ’ t get stuck with a one-size-fits-all policy .
Most cyber policies are offered on an a la carte basis , which allows policyholders to negotiate the terms and conditions they require and purchase coverage which will fit their individual needs . It is critical , however , to understand what you need from your cyber insurance and assess your business and its risks when trying to find the best coverage .
There are six essential aspects of cyber insurance which you should understand moving forward :
1 . LIMITS AND SUBLIMITS Hands down , the issue of limits and sublimits is the most important aspect to understand . The cost of an attack , even a small one , can wind up in the millions of dollars . Policyholders need to be absolutely sure that their overall limits are within the scope of their level of risk . Doing this requires taking into consideration the costs associated with a potential data breach in conjunction with the limits of liability available . A broker is invaluable in this process .
Next , sublimits must be examined . These are extra limitations in the coverage of certain losses . They do not provide extra coverage per se , but they do set a maximum to cover specific losses . Sublimits are often applied to specific coverage areas , such as crisis management expenses , regulatory costs , or notification costs .
2 . VENDOR ACTS AND OMISSIONS Along with the interconnectivity of the modern business environment is the entry of third-party vendors who store , process , and analyse data for businesses . While they make doing business easier , and often reduce overhead , they also represent a source of exposure . It is critical that your cyber liability policy will cover claims resulting from breaches caused by those third-party vendors .
3 . RETROACTIVE COVERAGE Standard cyber policies place limits on ( or outright deny ) coverage for breaches occurring before a specified date . This applies even if the claim is made during the policy period . The date is typically going to be the date of the inception of the policy , but not always . Unfortunately , breaches often go undiscovered for weeks or months ( or even longer ). Having your policy extend retroactively is an essential aspect that shouldn ’ t be overlooked . Often , retroactive coverage can extend one , two , five , or even ten years in the past , though some insurers offer unlimited extensions .
4 . EXCLUSIONS Every type of insurance is going to carry exclusions which limit the overall coverage . Understanding these exclusions is important to understanding where you may still be exposed to risk . When it comes to cyber insurance , there are three very common exclusions :
• Outdated software – Outdated software poses significant risk . Insurers often will not cover claims related to tools which have become outdated and are not receiving regular maintenance .
• Unencrypted mobile devices and data – Encryption doesn ’ t always mean data is safe , but many carriers view it as a benchmark of cyber security . Thus , it is important to understand whether or not proactive encryption costs would outweigh the alleviation of risk .
• Card issuer fines and penalties – Fines and penalties can be levied against an organization by card issuers , such as Visa , Mastercard , and American Express . These can be expensive and many policies exclude them .
Other common exclusions include bodily injuries and acts of foreign governments . Carefully go over your policy with a broker to understand when you are and are not covered under your current policy , and act accordingly .
5 . PANEL PROVISIONS Often , insurers will have preferred vendors that they wish to use in the case of a breach . This means that having a pre-existing relationship with experts , legal professionals , or investigators will not matter if they are not approved by the carrier . Fortunately , this is an area which is often up for negotiation . It is important to make sure you have your chosen panel approved ahead of time , though , so you aren ’ t left in the cold when the time comes to make use of it .
6 . CONSENT PROVISIONS Cyber policies often contain consent provisions that require policyholders to obtain the consent of the insurer before incurring certain expenses related to cyber claims . These cyber claim expenses are often related to notifying customers that a data breach has taken place , conducting investigations , or defending against third-party claims . If prior consent provisions are included in the policy and cannot be removed , policyholders should at the very least change them to ensure the consent of the carrier cannot be unreasonably withheld .
MOVING FORWARD Cyber insurance is a relative newcomer to the industry . It is continuously evolving , just like the cyber threats that are constantly emerging . A proactive approach is essential to keeping cyberattacks at bay and ensuring proper coverage . Working closely with a broker specializing in cyber threats and insurance and consistently analysing your needs based on new information is essential to success .
For more information and to find out whether your needs are being met , contact Cooke Insurance Group today . +
27
CYBER INSURANCE
I
n an increasingly connected world,
no organization is immune from
cyber-attacks. Whether they come
sooner or later, you can be assured
that they will come at some point. In
the cybersecurity community, they talk
about two kinds of businesses: those that
have been breached and those that don’t
realize they have been breached. vF�&R��B�&R�6��W0W�W&V6r�F�F��'&V�6W2�FP�&WB�f"�7&W"�7W&�6R��0w&v�W�VF�ǒ��&V6VB�V�'2Vf'GV�FVǒ�7&W"�7W&�6R�2�@�2�7G&�vFf'v�&B��2���FW"�G�W0b�7W&�6R�f'GV�FVǒ�F�B�V�2�@6��&R�F�&VB�F�W"�6����B�Pv( B�vWB�7GV6�vF���R6RfG2��Ɩ77B�7&W"��Ɩ6W2��&R�ffW&VB�������6�'FR�&�62�v6��w2��Ɩ7FW'2�FVvF�FR�FR�FW&2��B�6FF2�FW&W�V&R��B��W&6�6R�6fW&�vR�v6v�fB�FV"�FfGV��VVG2�B�2�7&F6�vWfW"�F�VFW'7F�B�v�B�R�[email protected]g&�W"�7&W"�7W&�6R��B��76W70W"�'W6W72��B�G2�&62�vV�G'r�FfB�FR�&W7B�6fW&�vRFW&R��&R�6�W76VF���7�V7G2�b�7&W 7W&�6R�v6�R�6VB�VFW'7F�@fr�f'v�&C��ĔԕE2��B�5T$ĔԕE0�G2�Fv�FR�77VR�b�Ɩ֗G2��@7V&Ɩ֗G2�2�FR�7B��'F�B��7�[email protected]F�VFW'7F�B�FR�67B�b����GF�6WfV���6��R�6��vB�W���FP֖Ɩ2�b�F�'2��Ɩ7FW'2�[email protected]F�&R��'6WFVǒ�7W&R�F�B�FV"�fW&�Ɩ֗G2��&R�vF�FR�66�R�b�FV"�WfVb�&6�Fr�F2�&W�V&W2�F�r�F66FW&�F�FR�67G2��766�FVB�vF���FVF��F�F��'&V�6��6V7F�vFFR�Ɩ֗G2�b�Ɩ�&ƗG��f��&R���'&W"�0f�V�&R��F2��&6W72WB�7V&Ɩ֗G2�W7B�&R�W�֖VB�FW6P�&R�WG&��Ɩ֗F�F2��FR�6fW&�vPb�6W'F��76W2�FW�F�B��&fFPWG&��6fW&�vR��W"�6R�'WB�FW�F�[email protected]���V�F�6fW"�7�V6f2�76W27V&Ɩ֗G2��&R�gFV����ƖVB�F�7�V6f06fW&�vR��&V�2�7V6��2�7&62���vVV@W�V6W2�&VwV�F'�67G2�"�Ff6�F67G2"�dTD"��5E2��B�ԕ540�r�vF�FR�FW&6V7FfG�b�FPFW&�'W6W72�Vf&VB�2�FPVG'�b�F&B��'G�fVF'2�v�7F&R�&6W72��B���Ǘ6R�F�F��f"�'W6W76W2vR�FW��R�Fr�'W6W72�V�6W"�B�gFV�&VGV6R�fW&V�B�FW��6&W�&W6VB���6W&6R�b�W�7W&R�B�07&F6��F�B�W"�7&W"�Ɩ�&ƗG��Ɩ7v�6fW"�6�2�&W7VFr�g&�'&V�6W06�W6VB�'�F6R�F&B��'G�fVF'22�$UE$�5DdR�4dU$�tP7F�F�&B�7&W"��Ɩ6W2���6R�Ɩ֗G2�ࢆ"�WG&vB�FV璒�6fW&�vR�f"�'&V�6W067W'&r�&Vf&R���7�V6fVB�F�FR�F0���ƖW2�WfV�b�FR�6��2��FR�GW&pFR��Ɩ7��W&B�FR�F�FR�2�G�6�ǐvr�F�&R�FR�F�FR�b�FR�6W�F�`FR��Ɩ7�'WB�B��v�2�Vf'GV�FVǒ'&V�6W2�gFV�v�VF66fW&VB�f"�vVV0"�F2�"�WfV�vW"��fr�W �Ɩ7�WFVB�&WG&�7FfVǒ�2���W76VF��7�V7B�F�B�6VF( B�&R�fW&VBgFV�&WG&�7FfR�6fW&�vR�6��WFV@R�Gv�ffR�"�WfV�FV�V�'2��FR���7BFVv�6R�7W&W'2�ffW"�VƖ֗[email protected]WFV62B�U4U40WfW'�G�R�b�7W&�6R�2�vr�F6�''�W6W62�v6�Ɩ֗B�FR�fW&�6fW&�vR�VFW'7F�Fr�FW6R�W6W602��'F�B�F�VFW'7F�Fr�vW&PR���7F�&R�W�6VB�F�&6�vV�@6W2�F�7&W"�7W&�6R�FW&R��&R�F&VPfW'�6�W6W63(
WFF�FVB�6gGv�&R�( 2�WFF�[email protected]6gGv�&R��6W2�6vf6�B�&6ख7W&W'2�gFV�v�B�6fW"�6�0&V�FVB�F�F2�v6��fR�&V6PWFF�FVB��B��&R�B�&V6Vfp&VwV�"��FV�6R(
�VV7'�FVB�&R�FWf6W2��@F�F��( 2�V7'�F�FW6( B��v�0V��F�F��2�6�fR�'WB���6�'&W'0fWr�B��2���&V6�&�b�7&W 6V7W&G�FW2�B�2��'F�B�FVFW'7F�B�vWFW"�"�B��&�7FfPV7'�F�67G2�vVB�WGvVv�FP�Wf�F�b�&6(
�6�&B�77VW"�fW2��B��V�FW2�( 0fW2��B��V�FW2�6��&R�Wf[email protected]�v�7B���&v�旦�F�'�6�[email protected]77VW'2�7V6��2�f6���7FW&6�&B�B��W&6��W�&W72�FW6R�6��&PW�V6fR��B����Ɩ6W2�W6VFPFVFW"�6�W6W62�6VFR�&FǐW&W2��B��7G2�b�f&Vv�vfW&VG26�&VgVǒ�v�fW"�W"��Ɩ7�vF��'&W"�F�VFW'7F�B�vV�R��&R��@�&R�B�6fW&VB�VFW"�W"�7W'&VB��Ɩ7�B��7B��66&FvǒR���T��$d40gFV�7W&W'2�v��fR��&VfW'[email protected]fVF'2�F�B�FW�v6�F�W6R��FR�6�6Pb���'&V�6�F2�V�2�F�B��fr���&RW7Fr�&V�F6��vF�W�W'G2Vv���&fW76�2�"�fW7Fv�F'2�vB��GFW"�b�FW��&R�B����&fVB�'�FP6�'&W"�f'GV�FVǒ�F2�2����&V��v62�gFV�W��f"�VvF�F�B�2��'F�@F��R�7W&R�R��fR�W"�66V���V���&fVB��V�B�b�FR�FVv�6�P�&V( B�VgB��FR�6B�vV�FR�FP6W2�F��R�W6R�b�Bb�44TB��$d407&W"��Ɩ6W2�gFV�6F��66V@�&f62�F�B�&W�V&R��Ɩ7FW'2�F'F��FR�66VB�b�FR�7W&W"�&Vf&P7W'&r�6W'F��W�V6W2�&V�[email protected]F�7&W"�6�2�FW6R�7&W"�6�ЦW�V6W2��&R�gFV�&V�FVB�F�Fgp7W7FW'2�F�B���F�F��'&V�6��2�F�V��6R�6GV7Fr�fW7Fv�F2� FVfVFr��v�7B�F&B��'G�6�2�`�&"�66VB��&f62��&R�6[email protected]�FR��Ɩ7��B�6�B�&R�&VfVB�Ɩ7FW'2�6VB��B�FR�fW'�V�[email protected]6�vR�FV�F�V7W&R�FR�66VB�b�FP6�'&W"�6�B�&R�V&V�6�&ǒ�vFVBdr�d%t�[email protected]7&W"�7W&�6R�2���&V�FfR�Wv6W F�FR�GW7G'�B�2�6FVW6ǐWffr�W7B�ƖR�FR�7&W"�F&V�G2�F�@�&R�67F�Fǒ�VW&vr����&�7FfP���&�6�2�W76VF��F�VW�r�7&W"Ц�GF�62��B�&���B�V7W&r��&�W 6fW&�vR�v&r�66Vǒ�vF��'&W"�7�V6�Ɨr��7&W"�F&V�G2��@7W&�6R��B�667FVFǒ���Ǘ6pW"�VVG2�&�6VB��Wr�f&�F�0W76VF��F�7V66W72f"�&R�f&�F��B�F�fB�[email protected]vWFW"�W"�VVG2��&R�&Vr�WB6F�7B�6R�7W&�6R�w&W��FF��#p