insuranceWhat is cybercrime, and how a simple click impact 8 billion

get online insurance quote

cyber insurance

What is cybercrime, and how a simple click impact 8 billion of the economy?

To state that 8 billion dollars were an understatement, as the statistic published dating back to 2018. Research by

McAfee reveals cybercrime activities put global losses at close to 600 billion. 19.8% of employees click phishing email links (a bait email sent by a hacker to lure the recipient or company employee into clicking on the email.)

and then infect the entire system, leaking data or corrupting the data file asking for ransom exposing company financial or more.

What is cyber insurance?

A Cyber-insurance is an insurance product design to protect a company or individuals from internet infrastructure-related risks. It includes protecting privacy information, data breach or governance liability and all other related to the negligence on losses resulting from the insured's negligence. 

Such insurance products exist because the standard commercial general liability insurance excludes these exposures in many areas.

What is a Cyber insurance policy?

Cyber insurance is a form of contract to indemnify a business or person's losses when they suffered financial losses as a highlight of the insurance contract. The cyber insurance policy is a legal contract explaining the detail of the insurance coverage, what is being covered and what is being excluded.

What is cyber insurance, and what does it generally cover?

Unlike standard commercial general liability insurance coverage, cyber insurance is design to cover the general exclusion it has on data.

On top of that, cyber insurance includes coverage on both the first party and third party. 

The first-party coverage has coverage against losses, including

a) data destruction - when the insured loses its precious company data, there may be insurance for an expert to recover data recovery.

b) extortion - payment for ransomware may demand money, or the company may not work due to damaged computers or locked files.

c) theft - money for the recovery of information, invoices or equipment.

d) hacking - Cost of repairing or replacing damaged equipment and more

e) DDOS (also known as a distributed denial-of-service) - the sudden increase of network traffic paralyzing the entire network infrastructure and may require an expert to repair its overloaded server or damaged equipment.

On the third party (also known as liability coverage)

The insurance company will indemnify the companies for losses to others caused, such as errors and omissions, regulatory fines for failure to safeguard data or defamation charged by all third parties, and other benefits such as regular data audit, and all other post-incident PR work, including reputation repair, investigative expenses, and setting up criminal reward funds.

What does cyber insurance not cover?

Patent, software and copyright infringement:

The intellectual property insurance policy covers patents, software, and copyright, not by a cyber policy. Some manuscript policies may cover copyright infringement claims' defence costs. But the coverage is most commonly covering outsiders that introduce to the company or actions by non-management staff.

Wars and invasions:

Like most insurance contracts, cyber policies will exclude the damages resulting from war, invasions or insurrections. If a data breach results from an act of war by another nation, the coverage can be denial. The same clause on war is universal across all insurance policies.

Failure or non-existing security protocol or measures:

Most cyber claims must be accidental or incidental, not intentional. When filing claims, the insurer will ask the company if they should have some measurement to safeguard the data. Failing to implement or plan on security measures may be a reason for claim denial. Thou the clause may vary from insurer to insurer. It is best to inquire and discuss preventive action for the company's benefit and define a strategy in place to safeguard their data with their insurance broker to ensure no gap in their insurance.

Bodily injury and damage:

The hacking of health care or public utility relevant company may cause injury or fatal death when a hacked system malfunctions. From the insurer's standpoint, a breach of vital business data does not directly cause injuries; hence, the insurance contract may have excluded the insurance contract's indemnity. Some policies cover the emotional distress and anguish caused, but if a company's business may involve injury, don't just rely on a standard cyber insurance contract but get an expert to better assist in risk management.

Loss of electronic device:

A company-issued electronic device may contain sensitive data and is cover by the data breach coverage, but the hardware itself is most likely to be excluded from the insurance.

Vicarious liability:

Any breach from another vendor or entrusted partner, cyber insurance may decline the claim if the breach occurs at the vendor's system. Be very careful when handing over sensitive data to another partner. This action may attribute a company to a breach of privacy law and essentially void the entire insurance contract due to illegal activities.

Bylaw, regulatory action or Government Authority Request:

Regulatory bodies may have passed new laws requesting the company to provide more secure measurements to protect data privacy. The requirement may have caused a company to incur expenses such as training, new equipment cost or more on their recommendations or certification process, additional licensing. These fees are unfortunately excluded from most cyber insurance contracts.

Specific Network Interruption Condition:

Do not use cyber insurance as software maintenance or network failure insurance because they are likely to be declined. If a company's suffer data loss on transmission between computers, it can be due to any technical or network interruptions such as 

deteriorating wire, 

someone tripped the network or 

fibre optic cable, or 

simply a software design fault

These are not likely to be cover by cyber insurance.

Why is Cyber insurance important, and why do you need it?

To ask above, one has to understand What is cyber insurance, and why you need it.

Every day, hundreds of news are popping up about the impact of cyber breaches on governments, large multi-national corporations, or charities that affect tens of millions of clients, citizens, or donors. Despite these high-profile cases, many businesses still believe it is not relevant to them.

Cyber insurance has become more and more important to have in any business insurance policy. It is essential to know that most business general liability policies do not cover cyber through property or liability coverages as data isn't considered a tangible piece of property and excluded under a property policy.

Cyber insurance is not simply against malicious hackers and cyber criminals – it also covers human error and losses caused by employees. Statistics show that most data breaches in Canada resulted from the malicious attack, but 25 percent were negligent employees or contractors. And those small and medium-sized businesses are increasingly targeted as they are ideal targets for cybercriminals due to lack of resources and budgets dedicated to training and prevention as large corporations do. Most companies do not have an incident response plan, disaster recovery plan, and a business continuity plan to survive after a cyber hack or bear the costs associated with the breach.

Who needs cyber insurance?

Apart from having the resources and need of an incident response plan, disaster recovery plan, and a business continuity plan. These are essential to a company's survival after a cyber hack or bear the costs associated with the breach. The hidden cost of reputational damage can cause business dearly, from both government fines and worrying customers about their data and privacy when dealing with businesses. These recoveries are costly and, if not properly handled, will be devastating to any business's survival. In our opinion, every business needs cyber insurance, big or small.

TL;DR

A Cyber-insurance is an insurance product design to protect a company or individuals from internet infrastructure-related risks. Cyber insurance is design to cover data and includes both the first party and third party. 

Cyber insurance does not cover

Patent, software and copyright infringement

Wars and invasions:

Failure or non-existing security protocol or measures:

Bodily injury and damage:

Loss of electronic device:

Vicarious liability:

Bylaw, regulatory action or Government Authority Request:

Specific Network Interruption Condition:

Cyber insurance has become more and more important to have in any business insurance policy. It is not simply against malicious hackers and cybercriminals – but covers human error and losses caused by employees.

It provides:

  • An incident response plan.
  • Disaster recovery plan.
  • A business continuity plan to survive after a cyber hack or bear the costs associated with the breach and the hidden cost of reputational repair.

These recoveries are costly and, if not properly handled, will be devastating to any business's survival. In our opinion, every business needs cyber insurance, big or small.

Social Share:

Get Online Insurance Quote

Go to Top