Understanding Cyber Liability Insurance
Understanding Cyber Liability Insurance
Seemingly every week, there’s another story in the news about a cyber breach wherein a well-known company, presumably with stringent security measures in place, has suffered a data breach and its data about its customers, transactions, or its customer’s financial information is now out in the wild. While breaches at the bigger companies make it to the news headlines, cybersecurity is a risk for all businesses and precisely the reason that insurers began to provide cyber liability insurance.
Specifically, cyber liability insurance covers third-party losses from privacy liability and network security liability. Business insurance policies each cover very specific types of potential losses, and a standard business owner’s policy or a general liability insurance policy will not insure against cyber liability. If your business network is breached or private customer financial data is stolen electronically, your business can face potentially massive cyber liability exposure. Additionally, transmission of a computer virus from the computers on your business network to customers or clients can create liability for their losses. In the third example of risks covered by cyber liability insurance, a network attack targeting your business computers might prevent your business from performing a vital service, which can also create a liability.
Cyber Liability Insurance: Privacy Liability
Nearly every business holds confidential customer records. Point of sale systems or payment software can expose customers payment details and credit card numbers. Other businesses may have additional proprietary customer information such as Social Security numbers, names, and addresses, medical records, or other private information with which the business was entrusted. One or more of these types of data in the wrong hands can create losses for customers or clients and liability for your business.
A recent study shows that 43 percent of cyber attacks target small businesses, those with the least resources to invest in network security. Following that stunning statistic, the study also found that 60 percent of the small businesses which had suffered a cyber attack had to shutter their doors within six months of the breach. Many companies now offer training for employees to educate staff on data precautions and cybersecurity, but even with education, human error and negligence lead to nearly half of the breaches, with the other half coming from a number of other causes including persistent cyber attacks.
Cyber Liability Insurance: Network Security Liability
There is also a network security element to cyber liability. Businesses can become liable for damages to others due to a virus transmission. It’s likely that every business has had a virus come into its email system at some point. Antivirus software continues to improve, and hackers and authors of malicious computer viruses continue to find clever ways to slip through virus software filters. Many of these viruses first infect the computer of someone without access to proprietary data, but continue to spread throughout the company, infecting more computers and possibly finding one that holds confidential customer information. These viruses can circulate not only within the company but also reaching other companies or clients through email. As with most things, prevention is the best cure, but no security measures are one hundred percent effective and cyber liability insurance can provide coverage for damages to others caused by unwitting virus transmission.
Another important factor in network security liability is a denial of service. A growing cause of concern for businesses, and one that is often more easily accomplished by those with malicious intent, is a distributed denial of service (DDOS) attack. Effectively, a network of computers can be used to make so many simultaneous requests upon your servers that your servers go down or become unresponsive. For some businesses, this will create more inconvenience than liability. For other businesses though, when the servers go down critical services cannot be performed, which can create liability.
A cyber liability insurance policy will pay to defend your business in the event of a lawsuit, even in cases where a third party was harmed through no fault of your own or your employees. A virus or other threat may have come from another source, but defending your business against the lawsuit can be an expensive pursuit. A cyber liability insurance policy puts your defense in the hands of experts in this type of lawsuit.
Cyber Liability Insurance Policy Considerations
Some cyber liability insurance policies also have a provision for first-party coverage. Any cyber attack or breach can be accompanied with rapidly scaling costs to analyze the breach, purchase or replace equipment, notify those affected, and other costs related to the breach or cyber attack. It’s possible for these expenses to be larger than the liability that results from the breach. For cyber liability insurance policies that have first-party coverage, these expenses could be paid through the claim.
Any business with online exposure, including email, and businesses that hold confidential customer information, such as payment information, can have cyber liability risk. This leaves almost no business immune and cyber liability coverage is not part of a standard business owner’s policy or general liability insurance policy, leaving many businesses uninsured for this peril. Bigger companies likely have the most exposure to cyber liability simply due to a larger number of customer records held and more emails exchanged, but a cyber liability risk exists for companies of all sizes and in all industries.
We’re Here to Help
Call our office at (850) 942-7760 to learn more about all of our cyber insurance and personal risk management solutions.
Demont Insurance Agency & Financial Services, Inc. The Insurance You Need, The Assurance You Deserve.
Disclaimer: This article is provided for informational purposes only. The information provided herein is not intended to be exhaustive, nor should it be construed as advice regarding coverage. Eligibility for coverage is not guaranteed and limited to the terms and conditions contained in the applicable policy