“Highly recommend John Phillips. We’ve recently had to claim on our insurance due to the loss of our websites and the whole process has been SO efficient. Every company should have cyber insurance”
Here we have highlighted just a few of the ways cyber insurance can benefit organisations in your sector in a time of crisis:
This section of cover will generally pick up all of the costs involved in responding to a cyber incident in real time, including IT security and forensic specialist support, gaining legal advice in relation to breaches of data security. One of the most important aspects of a cyber policy is that it provides access to the right specialists when time if of the essence as well as paying for their services. This can be the great proportion of the costs of a claim.
This section covers costs incurred in responding to fraudsters attempting to extort money out of an insured by either threatening to carry out a cyber attack or by threatening to expose or destroy data after having already compromised the victim’s network. Ransomware, where the victim’s data is encrypted (converted into an unreadable format) and only made accessible again by the payment of a ransom demand to the attacker, is one of the fastest growing forms of cybercrime.
This section covers the costs for an insured’s data and applications to be repaired and restored in the event that their computer systems are damaged as a result of a cyber event such as malware. This is often critical in getting a company back up and running.
This cover aims to reimburse loss of profits and increased costs of working as a result of interruption to a business’s operations caused by a cyber event. It works in a very similar way to traditional business interruption insurance except the trigger is a non-physical peril as opposed to a physical one. While third party liability claims tend to be less common in cyber insurance, it is still important to have cover for them under this section. This can help you to maintain good relationships and become a provider trusted for their robustness.
This section covers failure to prevent an individual’s data being breached. Cyber criminals are able to then sell this information on the dark web. With every breached database, more and more credentials, credit card details, passport information etc. appear for sale.
Cover for costs to draft, send and administer notification communications to those whose data has been stolen, misplaced or compromised. The average cost of a stolen or lost record is $148, – Credit monitoring is often also included to ensure those effected are not subject to any fraudulent activity.
This cover will deal with any costs incurred should an individual or organisation take legal action against you over any alleged negligence in relation to your cyber activities. This is particularly important as there are likely to be many claims for compensation for distress following data breaches in the coming years whilst the parameters of this sort of claim are defined.
This is something that is not necessarily considered in the first instance however bad publicity can have a devastating effect on a brand as in the case of the Talk Talk breach where Dido Harding personally faced strong criticism for her response.
This can cover the cost of certain fines and penalties that a regulatory body might enforce on an organisation as a result of them having suffered a data breach in so far as these are legal.
Cyber Insurance Covers
It’s important to note that cyber insurance includes a wealth of other benefits which can be found here:
Cyber Risk Management Priorities
Insurance should only form part of your risk management strategy. Here is a brief overview of some of the areas we would advise you look into and how we can assist you to ensure your business is as robust as possible.
Cyber Risk Report – These reports can provide a score akin to a ‘cyber credit check’ which is given context by the peer to peer comparisons and can help you to know where to start when tightening up your security.
Cyber Security Training – Cyber insurers look favourably upon this sort of proactive approach and some providers even include an element of this sort of insight into their packages.
Cyber Security Certification – These certifications can provide reassurance to your clients that you take cyber threats seriously and can be a trusted partner in their supply chain.
Incident Response Planning – A comprehensive incident response plan will mean you are able to deal with any incidents and dramatically mitigate any losses you may incur.
Security Consultancy – For turnover of £1m – Audits. From penetration testing to regular consultancy with a virtual CISO.
A York IFA suffered a social engineering attack. Once they found the domain was registered in the name of an individual they were able to hijack their website and their entire online footprint. The attackers then harvested customers’ details through phishing and malware. A forensics team was able to fix the issue and costs associated with the breach were picked up by the cyber insurer.