expert’ s corner
management framework. However, it is impossible to reduce cyber risk to zero, as deliberate malicious acts by an employee or key vendor are difficult to completely prevent. Cyber insurance is a prudent risk mitigation tool that can protect your organization. In the event of a breach, cyber insurance can provide the financial assistance you will need to keep operating, address the breach and defend against lawsuits.
WHAT DOES CYBER INSURANCE COVER?
Cyber insurance is a highly unique form of coverage because it can cover expenses incurred to address a breach, as well as provide the legal defence you need to respond to a lawsuit. The forms of coverage available are as follows:
First Party Coverage( i. e., coverage for your costs and expenses incurred) 1. Privacy Breach Remediation, Response and Notification Expenses: Covers fees, costs or expenses incurred by the policyholder for the following: a. Determining the persons whose information was accessed without their authorization and the communications required to notify them; b. Credit monitoring services to those affected; c. Compliance with any security breach notification laws.
2. Digital Asset Restoration Expenses: Covers the costs or expenses incurred by the policyholder to restore, replace or reproduce damaged or destroyed computer programs, software or other electronic data.
3. Business Interruption Loss: Covers your loss of business income and the extra expense you incur directly resulting from a disruption to your computer system.
4. E-Commerce Extortion Threat: Covers the costs incurred by the policyholder resulting from threats made to you by an individual or entity other than an employee, expressing an intention to: a. Cause the policyholder to transfer or pay any funds using a computer system without your authorization; b. Sell or disclose confidential information about a customer of the policyholder; c. Alter, damage, or destroy any computer program, software or electronic data that is stored on the policyholder’ s computer system.
5. Computer and Funds Transfer Fraud: Covers the policyholder’ s loss of money or securities resulting from: a. An intentional, unauthorized and fraudulent instruction transmitted to a financial institution; b. An intentional, unauthorized and fraudulent entry of data or computer instructions.
INSURANCE IS OFTEN THE STOPGAP REQUIRED TO PREVENT A SMALLER COMPANY FROM CEASING OPERATIONS AS A RESULT OF THE FINANCIAL LOSSES INCURRED AS A RESULT OF A CATASTROPHIC BREACH.
Third Party Coverage( i. e., coverage to defend lawsuits brought against you) 1. Network Security and Privacy Breach Liability: Covers claims brought against the policyholder alleging: a. Policyholder’ s failure to prevent unauthorized access to, or use of, electronic or non-electronic data containing personal identity information; b. Policyholder’ s failure to prevent the transmission of a computer virus into a third party’ s computer network or application software; c. Policyholder’ s failure to provide notification of any actual or potential unauthorized access to, or use of, confidential information of others if notification is required by any security breach notification law.
2. Internet Communications and Media Liability: Covers claims brought against the policyholder alleging: a. Policyholder’ s unauthorized use of, or infringement of, copyright, title, slogan, trademark, domain name or logo; b. Policyholder’ s defamation, libel, slander, disparagement or harm to the reputation or character of any third party person or organization.
3. Regulatory Defense Expenses: Covers the legal defense costs incurred by a policyholder to defend an investigation or regulatory proceeding brought against the policyholder by a federal, provincial or government entity.
An effective cyber security strategy can help reduce the risk of a privacy breach or data security incident. The supply chain can represent a significant vulnerability for your organization and Canadian organizations should consider cyber insurance as an important component within their overall risk management strategy.
Derrick Leue is the president of PROLINK, Canada’ s Insurance Connection. PROLINK is the proud insurance partner of SCMA and manages the business insurance program and the home and auto program for members.
32 • SUPPLYCHAINCANADA. CA • SCMA