Cyber risks pose a very real threat to businesses, with the potential for expensive, damaging consequences. As a result, a new demand for cyber insurance has emerged. Business leaders know that most insurance policies do not adequately cover their company’s cyber risks, so the best way to protect company assets may be with specialized coverage.
What Does Cyber Insurance Cover?
The specific cyber insurance coverage your company may need, as well as its cost, will vary depending on the size and scope of your business operation, the number of customers you have, your company’s online presence, and the type of data you collect and store. A typical cyber liability policy might include:
- Liability for breaches of security or privacy. This includes loss of confidential information by allowing or failing to prevent unauthorized access to computer systems.
- Costs associated with a privacy breach, including customer notification, customer support, and costs of providing credit monitoring services for affected customers.
- Costs of restoring, updating, or replacing electronically-stored business assets and data.
- Expenses caused by interruption of business after a security or privacy breach.
- Liability associated with damage to others when the allegations involve a business website, social media, or print media.
- Expenses related to cyber extortion or cyber terrorism.
Shopping for Cyber Insurance
If your business decides to seek a cyber liability policy, it may not be quite as easy as taking out other insurance policies. Cyber insurance is a relatively new arena and some of its standards are still being established.
However, the National Association of Insurance Commissioners (NAIC) has proposed an Insurance Data Security Model law that will help set standards that insurance providers can follow. The NAIC has also developed a Cybersecurity Consumer Bill of Rights detailing what consumers can expect from their insurance company following a data breach.
When you seek a cyber policy, an insurer will be interested in the risk management practices your business follows to protect its network and its data. They will likely want to see your business’ disaster response plan with respect to its networks, website, physical assets, and intellectual property.
As the standards for cyber coverage become more firmly established and insurance companies expand their coverage options, cyber insurance is bound to continue becoming more commonplace for businesses worldwide.
www.NAIC.org (Nat’l Assoc. of Insurance Commissioners) and the Center for Insurance Policy Research.