Management of cyber risk is complex and with today’s quick-moving fraudsters, falling victim to a cybersecurity scam can not only impact your normal business operations, but can also significantly damage your bottom line. While many organizations assume they will be able to recover any funds lost in a payment fraud event, 36% of those who experienced attempted and/or actual payment fraud had direct financial loss.†
Your business may be at risk if you have:
- System access to the internet
- Vendors and suppliers who interface with or have access to your network systems
- Online financial transactions including ACH and accounts payable functions
- Online sales and payment card processing (even if outsourced)
- Business continuity dependent on a particular system or vendor
- Sensitive data storage (financial, medical, and/or employee records)
In short, almost all businesses today have some amount of cyber risk.
A cyber liability policy can provide first- and third-party coverage for damages when private, personal, and financial information is compromised due to a data breach or network intrusion. Coverage can also provide the funds for an extortion payment if your network has been impacted by malware. While exact wording and terms of cyber liability insurance coverage may vary, typically the coverage consists of and covers the following (subject to the coverage limitations contained in the policy):
First-Party Cyber Liability Coverage (covers costs to the insured business)
- Breach Response: provides a timely response to a security failure or privacy breach, paying for costs of services to assist in managing the cyber incident.
- Business Interruption and Extra Expense: responds to lost income and continuing expenses arising out of a cyber incident for the time the insured is unable to continue operations.
- Network Extortion: responds to a credible cyber threat from an outsider attempting to extort money, security, or other valuables.
- Digital Assets: provides payment for the cost to restore damaged or destroyed data, software, and hardware.
Third-Party Cyber Liability Coverage (covers costs others incur)
- Privacy Liability: covers failing to properly maintain confidential information.
- Network Security Liability: covers failing to maintain a secure network including preventing transmission of malicious code.
- Internet Media Liability: covers infringement of copyright, defamation, violations of rights of privacy, and plagiarism arising out of a cyber claim.
- Regulatory: covers actions or proceedings against the insured business by a regulatory agency resulting from a violation of a privacy law. This may include fines or penalties.
Why Do Businesses Need Cyber Liability Insurance?
Fraud does not discriminate. Breaches are not just for Fortune 500 companies in the financial, retail, and healthcare sectors anymore.
- The number of ransomware attacks in the U.S. rose more than 300% during 2020.‡
- In 2019, 98% of claims were for organizations with revenues less than $2B, with the average incident cost being $175K.¶
- 2020 was a record year with 791,790 complaints filed with the Internet Crime Complaint Center, with reported losses exceeding $4.1 billion. This represents 69% more complaints than in 2019.#
- Business Email Compromise was the source of approximately $1.8 billion in adjusted losses, indicating a significant need to educate colleagues on the risks and prevention opportunities.#
In the event of any type of breach, time is of the essence. In addition to financial protection from various cyber exposures, a cyber insurance policy may help with response related expenses, including crisis services such as forensics, customer notification and public relations. These resources can help you to respond to an incident more quickly and get back to what’s most important–serving your customers and growing your business.
Cyber criminals’ methods evolve to find new ways to exploit access to confidential information. There is no one-size-fits-all cyber policy to provide coverage for all situations. If network security controls are inadequate, cyber liability insurance coverage may be significantly more expensive or unavailable altogether. Therefore, it’s critical to work with a cross-functional team who can help you navigate the rapidly changing cyber insurance marketplace.
To learn more, contact your relationship manager or visit our commercial insurance page.