Blockchain
Cannabis
Cryptocurrency
Influencers
Micromobility
On-Demand & Shared Economy
On-Demand Delivery
Robotics
SPACs
Web3
AI
E-Commerce
Education Technology
Esports
Fintech
MSPs
SaaS
Startups
Technology
Life Science Risk Management
Biotech
Dietary Supplement & Nutraceutical
FamTech & BabyTech
HealthTech
Pharmaceutical
Virtual Care, TeleHealth, & Telemedicine
Financial Services
Professional Services
Media & Advertising
info@foundershield.com 
28 Liberty Street, New York, NY 10005 
646.854.1058 
Carl Niedbala
Managing Partner; COO & Co-Founder
Key Takeaways
Managing Partner; COO & Co-Founder
For anyone that hasn’t heard, Anthem, one of the nation’s largest health insurance providers, suffered a data breach in which an estimated 80 Million customer and employee records containing personally identifiable information were compromised.
Fortunately for the company, it has around $200M in cyber insurance coverage. While only time will tell if this is enough to cover all of the costs of this massive breach, here are a few ways beyond lawsuits that cyber insurance can help ease the sting for both Anthem and affected customers alike.
1. Forensics
One of the first items of business for companies after suffering a data breach is usually figuring out what went wrong. Very few companies (and even fewer startups) keep cybersecurity forensic experts on staff, so this will always be a consulting gig. Given the number of compromised records and the complexity of the Anthem attack, it looks like the company will be racking up quite a few billable hours.
Forensic costs are covered by a good cyber insurance policy, so Anthem will likely find some relief here.
2. Notifications
As a major health insurer, Anthem has clients nationwide that suffered from this data breach. One of the company’s duties is to notify these clients of the breach so that they can take actions to protect their data, check for identity theft, etc.
It seems simple enough to notify users, but here’s where it gets complicated: breach notification laws are at the state level, so the rules are different in each jurisdiction. This can drive the cost of compliance way up. It’s easy to imagine how this alone could kill a startup experience a growth rate when bootstrapped or after a small seed round.
However, a cyber insurance policy provides funds to cover breach notification costs. Anthem will likely find some relief here as well.
3. Credit monitoring
Once users are aware of the breach, they’ll certainly want to check their credit scores on a regular basis. Anthem has already set up a free credit monitoring service for affected clients. Free for the clients, that is.
Someone has to pay for this service, and you can bet that it’s Anthem that has to foot the bill. Again, Anthem’s cyber insurance can kick in to cover these costs because most policies will have a line item that covers the costs of credit monitoring services.
4. Regulatory Costs
Anthem is already under scrutiny from state and federal insurance regulators and there’s a good chance that other entities will get involved as well. This is not uncommon in data breach situations. When personally identifiable information is disclosed, it’s fairly certain that uncle Sam will get involved to protect consumers. Again, cyber insurance will kick in to provide coverage for costs related to these regulatory actions.
In conclusion, the Anthem data breach serves as a stark reminder of the importance of having cyber insurance coverage in place to deal with risk effectively. These are just a few ways that cyber insurance can help Anthem and other companies suffering from a data breach.
