Cyber security insurance has become a critical risk management tool for businesses that have embraced digital technology. However, these policies aren’t created equal, so it’s important that you understand which specific real-world protection you’re getting from your cyber risk coverage. Coverage benefits and exclusions generally vary by product, as explained below.
What Cyber Insurance Covers?
Most standard policies will cover the following loss events associated with data breach and other cyber incidents:
- Network security breach: This component covers the direct cost you incur as a result of a data breach, malware attack, or ransomware/cyber extortion. Covered expenses include legal (if sued), data breach and security analytics, and data recovery.
- Data privacy breach: Cyber liability coverage can pay for the costs you incur in defending your company against customer or employee data breach after a hacking incident. It can cover compensatory damages filed against you and other legal expenses.
- Business interruption (BI): With this coverage, you can recover lost profits and have your fixed costs paid for after a hacking event in your organization causes system failure.
- Media liability: It protects you when you’re liable for intellectual property infringement through digital or print advertising.
- Errors and omissions: This coverage benefits you when you incur costs due to customer disputes arising from the unavailability of your services after a cyber-attack.
What Cyber Insurance May Not Always Cover?
Some standard policies don’t offer the following protections:
- Business interruption sales losses: Not all cyber insurance policies provide coverage for profits lost due to business interruption after a cyber-attack.
- Business interruption losses within the waiting period: For example, if your business interruption coverage has a 12 hour waiting period, you’re only covered for losses after its expiry, counting from when the outage began.
- Third-party errors: As you search for the best cyber liability insurance near you, confirm whether or not your preferred plan covers third-party mistakes. Some policies won’t cover hacking or data breach incidents originating from your cloud provider.
- Hardware/software upgrades: The cost of hardware or software security fixes or replacements after a cyber-attack is usually not covered.
- Social engineering fraud: A company can lose a significant amount of money if a bad actor manipulates one of the employees into transferring large sums of money. Such attacks can also lead to liability claims and lawsuits against the impacted business. However, not every policy includes coverage for social engineering attacks that lead to the loss of company funds.
- Injury/property damage coverage: In certain industries, such as manufacturing with IoT systems, a remotely executed cyber-attack could cause equipment malfunction, resulting in bodily injury to personnel or consumers. Such a breach may also cause property damage, for example, spoilage of food due to refrigeration failure. Most cyber policies don’t cover such losses.
- Payment Card Industry (PCI) violations: Even if you have cyber insurance, you may have to pay out of your pocket for any non-compliance fines issued to you by the PCI.
- Reputational harm: You may need to repair your company’s image to avoid losing business after a data privacy breach. Some policies don’t include this protection.
- Bank account takeover: If criminals manage to hack into your business bank account and withdraw funds from it, you could suffer substantial financial loss. Unfortunately, not all policies cover such losses.
Understanding these cyber liability insurance coverage benefits and exclusions is an important step to maximizing your protection against financial loss. For help evaluating the specific cyber threats your business faces day to day, contact us today at Atlas Insurance in Sarasota, FL. We’re happy to help you get improved cyber coverage.