Cyber Insurance

Cyber insurance protects companies from third-party lawsuits relating to electric activities (i.e., phishing scams). Plus, it offers many recovery benefits, supporting data restoration and reimbursement for income lost and payroll spent.

Who is Cyber Insurance for?

Given US data breaches cost an average of $4 million, companies of all sizes should consider cybersecurity a top priority. Cybercriminals scout businesses with fractured processes and technology, executing sophisticated multi-tiered attacks to infiltrate the company’s network. Loads of personal identifiable information (PII) are stolen every year, resulting in third-party lawsuits, plus fines and penalties from regulators.

However Cyber is particularly important for the following industries:

Healthcare

Hundreds of thousands of patients relying on you to protect their personal identifiable information (PII).

Financial Services

The average cost of a data breach is mounting $4 million, and financial services are first on most cybercriminals’ agenda.

SaaS

Notification costs, lost income, and cyber extortion losses equal a tough rebound for this industry.

Ecommerce

The damage to your reputation alone could cause your company to shutter after a cyberattack.

Why you need Cyber Insurance


Summary

Cyber attacks are on the rise worldwide. Unfortunately, over half of these vicious attacks happen because of employee mistakes, making the breaches and subsequent losses avoidable. Cyber insurance is an evolving policy that helps protect companies against the damages sustained in a cyber attack.

Consider the cost of data restoration, credit monitoring, and reimbursement for income lost and payroll spent — it’s astronomical. However, this policy is designed to cover these specific damages.


Reasons for getting Cyber Insurance
Protects against financial loss and notification expenses
Covers forensic investigations and data recovery
Helps cover legal costs and lawsuit settlements
Average Total Cost
$4m

The average total cost of a data breach in 2020 was $3.86 million and the average cost per individual record that was lost was $150 (IBM).

Caused by Mistakes
50%

Criminals are only responsible for a portion of these data breaches — human error causes 28%, while system glitches cause 25%.

Under $2bn Revenue
87%

A whopping 87% of cyber claims come from companies with under $2B in revenue, according to one NetDiligence report.

What Does Cyber Insurance Cover

You will have to consult your policy documents to confirm exactly what coverage your Cyber insurance provides but here are a few scenarios that typically would and would not be covered. You can read more about what cyber insurance covers here.


Loss or Damage to Electronic Data

Many policies cover losses caused by damage, theft, disruption or corruption of your electronic data. They also cover damage or theft of data stored on your computer system that belongs to someone else. For a loss to be covered, it must result from a hacker attack, virus, or denial of service attack. This policy generally covers the costs to restore or recover lost data. It may also cover the cost of outside experts or consultants you hire to preserve or reconstruct your data.


Loss of Income or Extra Expenses

Many policies cover income you lose and extra expenses you incur to avoid or minimize a shutdown of your business after your computer system fails. The loss of income and extra expense coverage afforded under a cyber liability policy differ from that provided under your commercial property policy. Cyber policies cover income losses and extra expenses that result from an interruption of your computer system. Property policies cover income losses and extra expenses that result from an interruption in your business operations caused by physical damage to covered property, which does not include electronic data.


Cyber Extortion Losses

Cyber extortion coverage applies when a hacker or a cyber thief breaks into your computer system and threatens you and your business. For instance, a hacker may threaten to damage your data, introduce a virus, or shut down your computer system unless you pay him or her a sum of money. The perpetrator may also subject your computer system to a denial of service attack or threaten to release confidential data unless you pay the sum demanded. Extortion coverage typically applies to expenses you incur (with the insurer’s consent) to respond to an extortion demand, as well as the money you pay the extortionist.


Notification Costs

Policies may cover the cost of notifying parties affected by the data breach by government statutes or regulations. They may also include the cost of hiring an attorney to assess your firm’s obligations under applicable laws and regulations. Some policies cover the cost of providing credit monitoring services for those affected by the breach. Some also cover the cost of setting up and operating a call center.


Reputation Damage

A data breach can severely damage your firm’s reputation. So, some policies cover the costs you incur for marketing and public relations to protect your company’s reputation following a data breach. This coverage is sometimes referred to as Crisis Management.

Crime Insurance Claim Examples

Here are some claim examples that illustrate what Cyber Insurance covers

A e-commerce platform, SellYouLater, contracted with a third party service provider. A burglar stole two laptops from the service provider containing the data of over 800,000 clients of the SellYouLater. Under applicable notification laws, SellYouLater – not the service provider – was required to notify affected individuals. Total expenses incurred for notification and crisis management to customers was nearly $5,000,000.

A U.S. based information technology company, ‘Merica, contracted with an overseas software vendor, Internacional. Internacional left universal “administrator” defaults installed on ‘Merica’s server and a “Hacker for Hire” was paid $20,000 to exploit such vulnerability. The hacker advised if the requested payment was not made he would post the records of millions of registered users on a blog available for all to see. The extortion expenses and extortion monies are expected to exceed $2,000,000.

An intern released a computer worm directing infected computers to launch a denial of service attack against a regional computer consulting & application outsourcing firm. The infection caused an 18 hour shutdown of the entity’s computer systems. The computer consulting & application outsourcing firm incurred extensive costs and expenses to repair and restore their system as well as business interruption expenses which totaled approximately $875,000.

A SaaS platform, SaaSyAttitude, stored credit and debit card account numbers, names, addresses, telephone numbers that were stolen. In total, over 365,000 customers’ records were exposed. The organization settled with the state attorney general, and is now compelled to provide with free credit monitoring, credit restoration to customers that were victims of identity fraud, and reimbursement to customers for direct losses that resulted from the data breach. The organization will be required to revamp its security policies, implement technical safeguards, and conduct random compliance audits.

Cyber Insurance FAQs

  • Loss of value due to IP theft
  • Internal technology system upgrades
  • Possible future lost

As with most commercial insurance policies the cost of cyber insurance depends on a number of factors. Here are some of the main points that insurance carriers will take into account when calculating your premium:

  • Data: what type of data is being collected and how much is being collected?
  • Controls: what type of security measures and incident response plans do you have in place already?
  • Industry: a payment processor is more likely to be attacked than a cookie store with an online presence.
  • Customer base: the more customers, the higher the potential severity of a data breach. If the customers are large companies/institutions with deep pockets and a lot to lose, underwriters will recognize the increased risk of expensive litigation in the event of a data breach.
  • Revenue: this is the primary factor for determining rate change on renewal

To give you a rough idea of what to expect in terms of premium, check out this research from Deloitte. Don’t be put off by the high starting point, we often get quotes for our clients of $5k, sometimes less

Knowing what coverage you need starts with asking the right questions about your business. What are your needs, exposures, etc.? On that same note, all cyber insurance policies are not created equal. For example, some cover ransomware, while others don’t. Working with a seasoned insurance professional is your best option.

How it works

Finding insurance coverage doesn’t have to be painful. We aim to make the purchasing experience as streamlined & intuitive as possible.

1
Get a quote

Use our custom built online portal to get quotes fast. We automate clerical tasks that plague the traditional insurance brokerages, giving us more time to be responsive and alert to your company’s needs.

1
Get a quote

Use our custom built online portal to get quotes fast. We automate clerical tasks that plague the traditional insurance brokerages, giving us more time to be responsive and alert to your company’s needs.

2
Pair with a specialist

No two organizations are the same. Our team of coverage experts partners with your team to engineer your risk management strategy, together. We take the time to understand the intricacies of your company to get you the best possible coverage.

2
Pair with a specialist

No two organizations are the same. Our team of coverage experts partners with your team to engineer your risk management strategy, together. We take the time to understand the intricacies of your company to get you the best possible coverage.

3
Stay one step ahead

To do better, you need to know better. With changing political, technological, legal and economic landscapes, staying ahead of the curve is critical.

Our in-house team is tapped into the latest developments of your industry, proactively ensuring you’re covered.

3
Stay one step ahead

To do better, you need to know better. With changing political, technological, legal and economic landscapes, staying ahead of the curve is critical.

Our in-house team is tapped into the latest developments of your industry, proactively ensuring you’re covered.

Latest Cyber Insurance Insights


February 6 • Cyber Liability

Cyber Insurance Trends 2020

As cybersecurity continues to be a top priority for most companies, here are cyber insurance trends you need to know for 2020.


cyber_liability_PCIDSS_compliance
April 8 • Cyber Liability

Cyber Liability and PCI DSS Compliance [Why it Matters]

PCI DSS compliance and cyber liability can seem confusing, but we break it down for you so you can keep your business booming.


May 31 • Cyber LiabilityErrors & Omissions

Top 5 Tech E&O and Cyber Claims

What do Tech E&O and Cyber Insurance cover? We dive in to 5 major claims scenarios that every tech company needs to know about.