Risk & Business Magazine Marcotte Magazine Fall 2017 | Page 31

CYBER-ATTACKS Cyber insurance is a carefully nuanced type of investment, with no “one-size- fits-all” policies. As such, most business owners seeking coverage would do best to seek advice from their broker, bearing in mind that some agencies may not be as familiar with this type of coverage as others. If your broker suggests incorporating cyber insurance as part of your general liability policy, be wary! Most general liability policies will not include all of the aspects of loss—detailed below—for which you need coverage. Before you even begin the research process, ask your broker or advisor how experienced they are in cyber security coverage and how many carriers they represent. Ideally, the broker you select will have expertise in the area and knowledge of the particular exposures for your type of business. Here are some of the coverage features to consider when choosing the ideal policy: • • First-party versus third-party. Consider the extent of coverage you need to best protect yourself. Do you only need coverage for notification costs and crisis management (first party) or do you also need coverage for regulatory defense and penalties, payments, card industry fines and information security liability (third party)? Business interruption. A cyber- attack can potentially cripple your computer systems, leaving your business unable to function. Business interruption coverage is especially desirable for e-commerce companies to compensate them for lost business resulting from an attack. BY: DAN O’HALLORAN SALES & MARKETING LEADER • Crisis management. The theft of confidential data can become a publicity fiasco that requires help from a crisis management firm. Even large Fortune 500 companies have been unable to protect themselves from bad press resulting from customer information leaks, so it may be worth considering crisis management as part of your coverage. • Call center. Will your policy cover expenses for a call center should you need one? The call center can be used to respond to customer and media inquiries, sparing you the need to invest internal resources. • Credit monitoring. If credit card or other financial information has been stolen, your customers will demand credit monitoring services. Not only will this help your customers directly, but it will also help to rebuild your damaged reputation. • Extortion. It sounds like something out of a spy novel, but it is, unfortunately, all too real. Foreign entities in particular can invade your computer systems, potentially disabling them if not paid a sizeable sum in ransom. • Disaster recovery. Following a data breach, an investigation will take place into the cause and extent of damages. Disaster recovery covers expenses for any needed personnel including forensic accountants, attorneys, and advisors. • Social engineering fraud. Hackers can pose as a trusted vendor or even impersonate your CEO in order to trick someone in your organization into wiring money. Social engineering fraud protection is typically excluded under a standard crime policy. Your insurance agent can help you compare policies and explore in detail the depth of coverage and specific circumstances each one offers. Policies will differ not only in their scope of coverage but also in premium costs, limits, deductibles and other factors. Generally, pricing will depend on the size of your business measured in terms of revenue or the number of customer and employee records. Be sure to communicate openly with your broker, spending time to ensure that he or she fully understands your business operations, and ask plenty of questions along the way. A good agent will also help you explore additional ways to protect your business such as by instituting enhanced employee training, computer firewall and virus protection, data handling rules and other measures. In general, an atmosphere of awareness and caution among employees can go a long way in avoiding common- sense lapses that can lead to data vulnerabilities. To learn more about purchasing cyber insurance for your business, contact Dan O’Halloran, Marcotte Sales & Marketing Leader at (402) 970-3308 or [email protected]. + Dan O’Halloran is a Sales and Marketing Leader within the Commercial Lines Department and principal of the agency. He has been active on the Board of Directors since 2001. Dan’s role is to help clients create effective insurance and risk management programs through policy design and loss control analysis. He has held various positions with Marcotte since joining the firm in 1998 and has developed a diversified book of business through affiliations with other professional advisors. Dan can be reached at 402-970-3308. 31