Just released: How to raise venture capital in 2023

Download

#Whatis: cyber insurance, crime insurance, & social engineering insurance

TL:DR

Key Takeaways

WilHamory FounderShield
Wil Hamory

Financial Practice Lead

Most people have heard of cyber insurance. News of cyber breaches and fraud graces the headlines almost weekly these days. But are you really covered for all types of thefts committed using the latest technology? The answer is probably not, especially if you aren’t purchasing crime insurance. Let’s take a look at what you’re covered for under a cyber and crime policy.

Cyber insurance and the theft of data

Cyber insurance gets plenty of shine as one of the hottest insurance products on the market. Cybercrime events lead the headlines frequently. Many states are enacting special response regulatory guidelines. Due to this activity, insurance carriers responded by creating one of the broadest products on the market.  While every insurance policy is different, what does it actually cover? A comprehensive cyber program should cover your directs costs and liability to a 3rd party after a cyber event. Some of these direct costs can include:

  • Event management costs which include costs for forensics services, notification expenses. Includes call center costs, legal services, identity monitoring and engaging a PR firm as well.
  • Costs to recover and restore lost data corrupted or destroyed after a computer attack.
  • Cyber extortion costs including the expenses for consultants and the demand
  • Business Interruption reimbursement for loss of income and extra expenses to get up and back running after a cyber event that causes your system to fail or the failure of computer system maintained by a vendor.

Despite the broad language in cyber policies, gaps in coverage still exist.  Next we’ll take a look at crime and cyber insurance.

Crime insurance and the theft of money

With cyber getting all the shine, many overlook the need for crime insurance. Crime insurance has evolved to cover much more than employee theft as bad actors have become more sophisticated. Crime insurance is fundamentally designed to cover the theft of money. It covers the more traditional methods of theft including robbery, burglary, and forgery.

Unfortunately, criminals now commit these crimes from the comfort of their own home. Traditional crime insurance continues to expand to cover new types of theft as technology rapidly changes. Policies now cover fraudulent instructions sent electronically or physically (telephone, fax, etc.) instructing banks to transfer your company funds to another account.

Crime insurance, social engineering and using stolen information to steal money

Nowadays, bad actors are passing the bank and giving fraudulent transfer instructions directly to employees. Most people believe their employees would never fall for such a scam. These schemes are more common than you would think and often very successful! Essentially, criminals are using a virus, phishing, or other traditional hacking methods to steal information. Implementing effective risk handling methods is crucial, as the stolen information allows criminals to pretend to be authorized employees and instruct others to make transfers.

This scheme has many names including social engineering, cyber crime, computer crime, spear phishing etc. Basically, social engineering is the place where cyber and crime meet. While coverage for cyber crime is available under both crime and cyber policies by request, most underwriters agree that social engineering is just a new method for theft of money. Crime insurance policies specifically cover only the theft of money. Some examples of the type of scams potentially covered under the social engineering coverage are:

  • Bad actor hacks into the CEO’s email and sends an urgent message to the approved person to make transfers requesting funds transferred to an account for a top secret deal.
  • Cybercriminal collects publicly available information to impersonate an executive and instructs an individual to make a transfer of funds.
  • Employee inserts an infected storage device into a local network that allows the criminal enough access to information to enable the transfer of funds.
  • Employee responds to a seemingly legitimate email and voluntarily provides enough sensitive information that allows someone to pose as that person to initiate a funds transfer directly or through another employee also known as phishing.

Takeaways

In this era, every company has some sort of cyber and crime exposure.  Cyber and crime insurance experts agree, it’s not if it’s when. Make sure your insurance program is broad enough to cover any type of cyber attack regardless of the method or what was stolen. The best way to do that is purchase both a cyber and crime with social engineering policy.

Related Articles

data breach 2024
October 1 • Cyber Liability

Top 10 Cyber Security Data Breaches of 2024

Cybersecurity under attack in 2024! Discover the top 10 data breaches that rocked the world. Learn how major companies fell victim to cybercriminals. Understand the risks and take action to protect your business from cyber threats.

supply chain disruptions
August 27 • Cyber Liability

Cyber Attacks & Supply Chain Disruptions: Startup’s Worst Enemy?

Explore the evolving threat landscape for supply chain disruptions, mitigation strategies, and the importance of risk management in today’s volatile business environment.

cyber insurance pricing trends 2024
March 13 • Cyber Liability

Cyber Insurance Pricing Trends 2024

Uncertain about cyber insurance costs in 2024? Our article explores pricing trends, expert predictions on rate increases, and strategies to potentially reduce your cyber insurance premium.

cyber liability insurance premiums
March 4 • Cyber Liability

7 “Must Haves” For Cyber Liability Insurance in 2024

With cyber liability insurance premiums rising, business leaders must have the inside scoop to keep costs low. Our partners at Blacksmith InfoSec delve into those tips and tricks.

Cybersecurity Data Breaches
November 9 • Cyber Liability

Top 10 Cybersecurity Data Breaches of 2023

Today’s digital landscape is frightening for business leaders. Here’s a glimpse into some of the most cringe-worthy data breaches in 2023 — plus, how to avoid them.

Cyber Insurance Pricing Trends
July 19 • Cyber Liability

Cyber Insurance Pricing Trends 2023

After a hard-hit 2022, let’s explore the lessons learned, what currently impacts the cyber market, and cyber insurance pricing trends to expect in the future.