Cyber Breach Insurance

Why Every Organization Needs Cyber Breach Insurance

Any company that handles maintains, or processes personally identifiable (driver’s license numbers, social security numbers, dates of birth, email addresses, and more) or protected health (account numbers, medical record numbers, insurance beneficiary numbers, and more) information needs their own cyber breach insurance to protect their organization against claims arising out of ransomware, a rogue employee, a staff mistake, a phishing attack, theft of hardware, lost or stolen laptop or device, and other causes of loss.

Not So Fun Facts

Worldwide spending on cybersecurity is going to reach $133.7 billion in 2022. (Gartner)
Data breaches exposed 4.1 billion records in the first half of 2019. (RiskBased)
52% of breaches featured hacking, 28% involved malware and 32–33% included phishing or social engineering, respectively. (Verizon)

Insuring Agreements included on the Cyber Breach Policy are as follows:

Security Liability – covers the unauthorized access of a network that leads to the destruction, deletion, or corruption of electronic data as well as the failure to prevent the transmission of malicious code from computer systems to third party computers and systems.

Privacy Liability – covers the theft, loss, or unauthorized disclosure of Personally Identifiable Information(PII), Non- Public Information(NPI), or Third-Party Corporate Information that is in your care, custody, or control.

Breach Response Costs – according to the 2017 net diligence cyber claims study, the median number of records exposed in this report was 1,091 and the median cost per-record was $46.50. this is a $50,000+ claim. you need coverage to notify the affected individuals as well as the potential expenses arising from credit monitoring.

Crisis Management Expense – if a breach does occur and your company makes the newspaper or network news, you better believe your competition will use this against you to try and take your clients. you need coverage for the costs associated to hire a public relations firm to avert or mitigate material damage against your reputation.

Forensic Expense – provides coverage for the cost of retaining an attorney to advise you of your obligations under data breach notification laws in the event of a network security breach impacting PII, as well as the cost of hiring a computer security expert to determine the existence, cause and extent of the breach.

Regulatory Coverage – this coverage is for claims expenses and penalties if a governmental agency or regulatory body brings an enforcement action against you for a violation of a law protecting the confidentiality and security of personally identifiable information.

Digital Asset Restoration Costs – provides coverage for the cost of restoring or replacing data, regardless of whether it is your or your client’s, because of a security breach on your network or your cloud service provider’s network.

Business Income Coverage – if your business is unable to operate due to a cyber breach of your network or the network of your cloud service provider, this coverage provides business interruption coverage.

Cyber Extortion Threat – cyber extortionists may threaten to harm you, your reputation, or your property if you do not comply with their demands.

cyber extortion can take many forms. for example, the cybercriminal may use “ransomware” to encrypt your data, which means you cannot read your data without the encryption key – and the cybercriminal will withhold this key until payment is made. this coverage is needed for situations where you must make a payment to eliminate credible threats.

Cyber-Theft Loss – cyber-attacks are now more sophisticated than ever before. this coverage will reimburse your company for the loss of money due to the unauthorized transfer of funds, service credits, or tangible property.

Cyber-Fraud Event – this occurs when a criminal enterprise disguises itself as an employee, client, or vendor and tricks someone at your organization into transferring funds to an account under their control. this could come from a phishing attack or social engineering email, text, or instant message.

PCI DSS Assessment Coverage – did you know that businesses are required to implement a set of security standards to protect credit card data? this insuring agreement provides coverage for assessments, fines, or penalties imposed by banks or credit card companies due to non-compliance with the payment card industry data security standard (PCI DSS) or payment card company rules.

*This webpage is for informational purposes only and is not an offer of insurance.

Find Out More