By Remmie Butchko, CIC
Georgetown Insurance Service, Inc.
Silver Spring, MD
Technology has changed our lives in unfathomable ways over recent years. When I started in the insurance business, we had floppy discs (literally) and documents printed on carbon paper with a dot matrix printer. My first “cell phone” was in a bag so big and so heavy most airlines today would charge a $50 bag fee for dragging it along.
The world has changed, and risk and insurance issues have changed along with it.
At the end of the day, there is really no such thing as “Cyber Insurance.” There are many insurance issues relating to technological changes — and their effects on the way our lives are conducted — but there is no silver bullet “Cyber Policy” that will address all concerns.
I will go into depth on these areas in future writings, but here is a summation of how cyber issues relate to different policies, or, as we insurance geeks call them, “Coverage Parts”.
General Liability (GL) – GL policies traditionally cover Bodily Injury and Property Damage caused to third parties. Unmodified GL policies specifically state that electronic data is not considered to be tangible property, therefore, if policyholders damage a third party’s data there is no “property damage” to trigger coverage.
GL Part Two – There are also liability issues associated with protecting Personally Identifiable Information (PII). PII can include health information, financial information, social security numbers, driving records — the list goes on. It is a business’s responsibility to protect this information and they are held liable when they do not. This PII can be information belonging to employees, customers, prospective customers, or other third parties.
Crime/Fidelity Insurance – Typical Crime policies were built to cover yesterday’s crimes such as employee dishonesty, forgery or alteration of checks, burglary, robbery, etc. While these are still valid concerns, there is far more crime being committed via computers by phishing, hacking, malware, and even cyber extortion like ransomware. These are different crimes from “traditional” methods of theft, and therefore, require different insurance.
Property Insurance – What is more valuable to a business, its furniture or its computer hardware, software, data, and intellectual property? Computers and data are subject to different perils, and their insurance needs to be handled in a different way. There are also cyber issues pertaining to Business Income insurance. There are multiple cyber events which can cause a shutdown, including viruses, denial of service attacks, ransomware, and other interruptions.
Employment Practices Liability – While there are no substantial coverage gaps that relate to employee-related claims (harassment, discrimination, hostile work environment, etc.), technology has definitely heightened the risk of employee claims. The internet, email, and smartphones have brought potential for circulation of inappropriate racial, religious, political, and sexual content between employees and third parties.
The bottom line is when looking for “Cyber Insurance,” it is important to know what specific cyber perils you are looking to protect your business from…. because there are many!