What are the risks and what is Cyber Insurance?
Cyber insurance looks at protecting your e-business from a variety of first and third party exposures.
First party risks are an element that you can insure against. This could be loss or damage to your digital assets such as client data and software programmes on your computer. Imagine your computer network is down when it regenerates your data is lost, technology is unpredictable and can breakdown, but you can be covered against this. If a ‘hackivist’ tries to extort money form you by threatening to damage your network, send private data out and damage your reputation as a company, you can be covered for the extortion money they demand to prevent any further damage. You can be covered for PR expenses in order to re-build your company reputation, if needs be.
Third party risks are vital for those who handle customer/third party confidential information. If you suffer a breach in your network and personal details are on your system, you will have to notify all parties whose details may have been breached: notifying parties could cost a significant sum of money, but under this policy and in majority of cases there is no limit on the amount of notifications paid out under the policy. A third party risk could be a mistake made by your own employee(s). A human error. You could be covered against this.
Can you afford not to be covered for this?
Think about how much you use your computers, how much time do you spend online? How much money have you put into building your online reputation? How long have you spent doing all of this?
Smaller companies are more vulnerable to this as they may not have the cash-flow to pay out should anything go wrong. Companies who sell online, send invoice via email and have their entire client base online are at risk. If you showcase yourself on a website, could you afford to lose that? Are you secure enough to be un-insured against this risk?
Who needs this?
Anyone who has data on third parties and employees should consider their exposure, voluminous and sensitive the data, the more you need to consider Cyber Insurance. You need to consider this product if you’re heavily based online, like most of us are. Companies that control their infrastructure using online network systems for their machinery; what would happen if your network went down? Those who have online sale shave clear exposure; the loss of income following a network failure could be significant.
Many will remember the Play Station Network breach in 2011: 77 million PSN and Qriocity customers’ data was breached. Think. If it could happen to such a reputable company, it could happen to anyone.
Depending on your local regulatory and legal obligation on notifying third parties if there’s a breach in data; (whether that’s actual or suspected) it could mean spending millions of pounds recovering this, depending on how much data you have. The cost to recover a breach in data per record in the UK was £71 in 2010.
“A large UK retailer’s network was damaged this resulted in the loss of various marketing databases, their team couldn’t recover them. The cost of building these from scratch and keying them back into the system: £750K claim.” Luckily they were insured.
Do you already have cover for loss of data under other insurance policies?
If you have Professional Indemnity you may have some third party coverage on loss of data, but only if it occurs in the ordinary course of providing your services. It is much more settling to know you have a tailored policy to cover loss of data specifically. Professional Indemnity won’t insure you against computer virus transmissions or employee mistakes.
Computer All Risks and Property insurance covers your tangible property, however data is deemed by the courts as an intangible asset, and therefore means you aren’t insured against loss of data occurring.
General Liability covers property damage losses and bodily injury, but again it doesn’t cover an intangible form of property.