Remmie Butchko, CIC
Georgetown Insurance Service, Inc.
Silver Spring, MD
While there are many facets of cyber insurance, this is geared toward the considerations business owners must make relating to First Party Coverages, which can often be overlooked. Many of today’s discussions of cyber insurance concern Third Party issues, such as failure to protect private information of customers, prospective customers, and employees (aka Personally Identifiable Information). This article outlines several coverage considerations that protect YOU.
Computer Extortion Coverage: This coverage insures a business for damages incurred from outside threats to disseminate, restrict access to, or even completely destroy a business’s computer systems and/or data. Cyber insurance can pay for costs incurred to evaluate the credibility of threats, ransoms demanded (keep reading), and even the loss itself should the threats become reality.
Ransomware Loss Coverage: While there are multiple methods of cyber extortion, the most commonly known is ransomware. Ransomware basically holds a business’s computer system hostage until a specified ransom has been paid. Ransomware Loss Coverage can pay for costs incurred to investigate the credibility of the threat, mitigate the impact of the loss, or even potentially pay the ransom if that is determined to be the best course of action.
Social Engineering Fraud: This type of loss can also be referred to as Funds Transfer Fraud. Sometimes employees can be fraudulently tricked into transferring funds to a phony third party for goods or services, and in some situations, even payroll funds. Social Engineering Fraud coverage will pay for the monetary loss caused by erroneous payments made in good faith to a falsely represented third party.
Public Relations Coverage: There is no doubt that a breach can be damaging to the reputation of a business. Public Relations Coverage will pay costs incurred to mitigate damages, including but not limited to (a) hiring a PR firm, (b) legal costs, (c) public advertising or notices, including website costs that may be necessary for damage control.
System Disruption Coverage: In addition to direct costs, a business that experiences a breach or threat may need to temporarily shut down operations to correct system flaws or mitigate the extent of the loss. System Disruption Coverage can pay for lost revenue and/or additional costs incurred during such a necessary shutdown until a business is back to running at full capacity.
In addition to this sampling of cyber insurance coverages that can be available, most cyber policies also include readily accessible legal and forensic services in the event of a suspected breach or threat. As with most insurance issues, speed to address and react to the situation can greatly mitigate the overall impact of a loss. Most businesses do not have the staff, experience, or expertise to handle a cyber breach or threat, so immediate availability to the advice and services of experts can be invaluable in many situations.
The insurance issues mentioned above are just a few cyber insurance coverages that should be considered for any business using electronic data (i.e. pretty much everybody). Unfortunately, these cyber concerns are growing in reach, scope and complexity, so the situation will probably become an even greater threat to a much larger audience.
Have questions? Contact us to speak with a licensed insurance professional.