Key Elements of a Cyber Liability Insurance Policy

‍

Since 2019 cybersecurity incidents have increased significantly across all industries and show no signs of slowing! This has largely been driven by the rapidly growing prominence and sophistication of ransomware attacks as well as an increased propensity to pay the hackers.  According to the 2021 IBM Security Cost of a Data Breach Report, the average cost of a data breach has risen to $4.24 million per incident with ransomware averaging more than $4.62 million per attack.  These cyber events can mean a substantial increase in operating costs resulting from loss of productivity, service disruption, reputation damage, response and recovery activities as well as potential regulatory fines and personal claims.  Cyber liability insurance can cover these losses and is now a best practice and an essential part of an effective cybersecurity program.

The current environment has also impacted cyber insurance carriers resulting in several significant changes to the market. These include higher premiums, additional limitations on coverage, and more aggressive underwriting and stringent cybersecurity requirements to attain the proper coverage.  Based on these changes, the number of different policies available for cyber liability coverage along with a plethora and ever-increasing number of endorsements that can be added to the policies, the evaluation and selection of the best coverage for your organization can be a challenging process.

There are several key elements of cyber insurance coverage that all organizations should look for in a cyber liability policy.  Those coverages include:

1. Business Interruption:  Operational cyber risk coverage for costs incurred during the time the business was impacted by a cyber event.  This includes lost profits, fixed expenses, and extra costs resulting from the inability to be fully operational.
2. Contingent Business Interruption:  Coverage for lost revenue if a vendor that is heavily relied upon experiences a breach that causes the organization to suffer financial loss.
3. Cyber Extortion: Coverage for the cost of cyber events can include hiring a negotiator and even the ransomware payment itself.
4. Incident Response:  Coverage for costs incurred for response and recovery from a data breach.  That can include forensics, incident containment and remediation, victim notification, public relations, and credit monitoring.
5. Legal Expenses:  Includes costs for defending against customer class action litigation and funding a potential settlement in the event of a cyber incident or data breach.
6. Regulatory Fines and Penalties: Covers the cost of regulatory fines if it is determined that the organization failed to adequately protect customer and employee data during a breach by not fully adhering to baseline cybersecurity laws and requirements.
7. Liability and Expense Cost: Coverage for losses and cost of defense for lawsuits related to network security liability.  It also typically includes electronic media liability.
8. Cybercrime:  Provides protection for types of cyber events that include financial fraud such as electronic theft, fund transfer, and invoice manipulation fraud.

The coverage limits, deductibles, triggers, scope, and premiums can vary greatly from one carrier to another and is also dependent on the overall level of risk mitigation and protection your current cybersecurity and privacy program provides. At NetWorks Group, we believe that securing the right policy is a complex process.  We can help you understand your risks and exposures and work with you to craft a policy that will provide the best and most affordable coverage for your organization.  

Cybersecurity attacks are not going away - in fact, the frequency with which they occur continues to accelerate. Even the best defended organizations face increased cybersecurity risks that are nearly impossible to fully protect against. That is why it is vitally important that organizations adopt appropriate cybersecurity insurance coverage to help transfer risk in the event of a breach. NetWorks Group is here to help you navigate these murky waters by working with you to identify and procure the right insurance to meet your needs. 

If you are interested in learning more about our Cyber Liability Insurance Advisory Services Program, NetWorks Group conducted a webinar in August of 2022 on the topic which you may watch here. You may also contact us at sales@networksgroup.com to schedule an initial discovery session.