A brief description of Cyber Security Insurance courtesy of PIA (Professional Insurance Agents):
Cyber Security Insurance is a catch-all term for policies that can cover hacked computers, virus attacks, denial-of-service attacks, web content liability and other technology related areas.
Why might you need Cyber Security Insurance?
- For costs associated with the MANDATORY notification to your customers, in the event of a data breach
- Misuse of confidential customer information obtained by a hacker who gained unauthorized access to your network systems
- Employees email content
- Defamatory web content
- Transmission of a virus from company email or web content
- Legal defense costs involved with an action for loss
- If you provide online services to customers
- If you store paperless files or your organization is in the process of “going green”
- IF YOU RELY ON YOUR COMPUTER NETWORK TO DO BUSINESS
What are some scenarios where this type of insurance would cover me?
- Member information is entered onto an employees laptop. Later that day the employees laptop is stolen and the thief accesses all the personal records of the member. The members identity is stolen and files suit against your company for all of their losses.
- Your network was attacked by a nasty virus, bringing all business to a halt. The virus was so bad that you were virtually shutdown for 3 full days. Professionals come in to fix the problem and it costs your company a lot of money.
- An employee sends out an email, tweet, and/or FB post with language that suggest a competitor has inferior services. The email is presented to the competitor and a suit is filed for defamation by the competitor.
- One of your employees unknowingly had a virus attached to an email they forwarded to another business.
How can I reduce my Risks?
- First and foremost, get Cyber Security Insurance. Even the most careful action plans to avoid cyber security risks may still leave room for an event that can put a dent in your well earned revenues
- Install audit features that monitor logon and logoff activities
- Provide warnings that unauthorized users may be subject to monitoring and prosecution
- Develop and implement a trap and tracing mechanism with your local telephone company
- Report significant data breaches to relevant government agencies
- Implement internal data policies that must be followed by all employees
- Use encryption technologies and update security when available
What is included in a typical Cyber Security Policy?
- Legal Liability to third parties, due to a data breach
- Coverage for losses caused by an administrative or operational error
- Breach of privacy coverage from alleged violations of HIPPA, state and federal privacy protection laws
- Customer notification expense reimbursement
- Public Relations Expenses
- Comprehensive business interruption expense coverage
- Cyber extortion reimbursement