Posted on 4th May 2022 at 11:44
“Cyber” is one of the most talked about topics in business, insurance, and media, but also seems to be one of the most misunderstood.
This is mostly down to the fact that the development of cyber insurance has historically been driven by the US market, and therefore focused primarily on third-party privacy exposures. At the same time, traditional insurance policies have tried, but rarely succeeded, at addressing cyber risks; this has left clients believing many exposures are covered when they aren’t.
Why do you need Cyber Insurance?
Cyber insurance is necessary because traditional insurance policies were not designed to handle 21st century threats. Many standard first-party insurance policies such as property and traditional crime were designed to deal with threats to a company’s physical assets – their buildings, machinery, office equipment and tangible money only.
The majority of businesses these days have a much greater reliance on their digital assets than they do on their physical ones, which makes a ‘Cyber’ policy essential.
Truthfully, cyber attacks can happen to any business, no matter how big or how small. All data is valuable, so if your company holds data on their systems, even just names and addresses, you become at risk of a cyber attack. Although firewalls and other security measures are essential and can be used to prevent the likelihood of an attack, these measures do not stop an experienced attacker, so having the insurance in place in case they were to breach through this is vital.
How does it work?
Cyber insurance policies tend to be modular in nature, meaning that they consist of a variety of different coverage areas. Broadly speaking, most cyber policies can be divided into two areas – first party covers, and third party covers.
Typical ‘First-Party’ covers include:
• Incident Response - This section will generally pick up all the costs involved in responding to a cyber incident in real time, including IT security and forensic specialist support, gaining legal advice in relation to breaches of data security, and the cost associated with having to notify any individuals that have had their data stolen.
• Cyber Extortion - This section covers costs incurred in responding to fraudsters attempting to extort money out of an insured by either threatening to carry out a cyber attack or by threatening to expose or destroy data.
• System Damage - This covers the costs for the insured’s data and applications to be repaired and restored if their computer systems are damaged as a result of a cyber event.
• System Business Interruption - This aims to reimburse loss of profits and increased costs of working as a result of interruption to a business’ operations caused by a cyber event.
Typical ‘Third-Party’ covers include:
• Network Security & Privacy Liability - This covers third-party claims arising out of a cyber event, be it transmission of harmful malware to a third party’s systems or failing to prevent an individual’s data from being breached.
• Regulatory Fines – If permitted, this will cover the cost of certain fines and penalties that a regulatory body might enforce on an organisation as a result of them having suffered a data breach.
• Media Liability - This covers any third-party claims arising out of defamation or infringement of intellectual property rights.
Types of Cyber Claims
More than 95% of cyber claims are for first party losses only and they fall into three broad categories:
• Theft of Funds - This is straight forward theft of money from a company’s bank account. The fact that nearly every business can now move its money around electronically and remotely means that it is much easier to steal.
• Theft of Data - Identity theft has reached record levels in the UK, and to commit identity theft, criminals need data. Seemingly innocuous information such as names and addresses stored on a computer network can be worth more money than you think.
• Damage to Digital Assets - Businesses have an incredibly high dependency on their computer systems these days, and criminals know that. By either damaging or threatening to damage a firm’s digital assets, attackers know that they can extort money from their victims who might prefer to pay a ransom rather than see their business grind to a halt.
Today it’s clear that most cyber events tend to cause financial loss to the insured themselves, as opposed to third-parties that they deal with. In fact, cyber claims figures show that less than 5% of cyber claims by volume involve third-party legal action
Are you covered in the event of a Cyber Attack?
As you can see, the need for Cyber Insurance has never been so important! While cybercrime is on the rise, would it not be worth checking to see if your adequately covered in the event of a cyber attack?
Give our main office a call today and have a chat with our team to find out:
020 3830 7060
Alternitively, email any enquiries over to;
BIBA Cyber Guide
Tagged as: Insurance Solutions
Share this post: