Cyber Attacks on the rise - Insurance Cover

(CYBER ATTACKS ON THE RISE)

Cyber attacks and breaches have grown in frequency, and loss costs are on the rise. In

2014, the number of U.S. data breaches tracked hit a record 783, with 85.6 million records exposed.

In the first half of 2015, some 400 data breach events have been publicly disclosed as of June 30, with 117.6 million records exposed.

These figures do not include the many attacks that go unreported. In addition, many attacks go undetected. Despite conflicting analyses, the costs associated with these losses are increasing.

McAfee and

CSIS estimated the likely annual cost to the global economy from cybercrime is $445 billion a year, with a range of between $375 billion and $575 billion.

Why Reliance on Traditional Policies Is Not Enough

While traditional insurance policies typically have not handled the emerging cyber risks, limited coverage under traditional policies may be available.

For example, there may be coverage under a traditional property insurance policy if a cyber incident resulted in a covered cause of loss, such as a fire or explosion, which caused property damage.

Traditional property insurance policies often contain express provisions covering damage or disruption to electronic data. The package policy known as the Business Owners Policy (BOP) that is often purchased by medium- and smaller-sized businesses includes coverage for electronic data loss (up to a specified limit).

If electronic data is destroyed or damaged as the result of a covered cause of loss, the insurer will pay the cost to replace or restore it. Causes of loss that apply to this coverage include a computer virus, harmful code or other harmful instructions entered into a computer system or network to which it is connected.

There is no coverage, however, for loss or damage caused by the actions of any employee.

Cyber insurance forms now allow insurers to tailor coverage for small and midsize businesses. Optional endorsements to the standard BOP cover data breaches, data replacement and restoration, cyber extortion and business interruption.

Most traditional commercial general liability policies do not cover cyber risks, however.

Reliance on traditional insurance policies is therefore not enough, so specialized cyber insurance policies have been developed by insurers to help businesses and individuals protect themselves from an ever evolving range of risks.

STAND ALONE CYBER INSURANCE

Specialized cyber risk coverage is available primarily as a stand-alone policy. Each policy is tailored to the specific needs of a company, depending on the technology being used and the level of risk involved. Both first- and third-party coverage’s are available .Coverage’s include: Loss/Corruption of Data: Covers damage to, or destruction of, valuable information assets as a result of viruses, malicious code and Trojan horses.

Business Interruption: Covers loss of business income as a result of an attack on a company’s network that limits its ability to conduct business, such as a denial-of-service computer attack. Coverage also includes extra expenses, forensic expenses and dependent business interruption.

• Liability: Covers defence costs, settlements, judgments and, sometimes, punitive damages incurred by a company as a result of:

• Breach of privacy due to theft of data (such as credit cards, financial or health related data);

• Transmission of a computer virus or other liabilities resulting from a computer attack, which causes financial loss to third parties;

• Failure of security which causes network systems to be unavailable to third parties ;rendering of Internet Professional Services;

• Allegations of copyright or trademark infringement, libel, slander, defamation or other “media” activities on the company’s website, such as postings by visitors on bulletin boards and in chat rooms. This also covers liabilities associated with banner ads for O/Management Liability: Newly developed and tailored D&O products provide broad all risks coverage, meaning that the risk is covered unless specifically excluded. All liability risks faced by directors,

            Including cyber risks, are covered.

• Cyber Extortion: Covers the “settlement” of an extortion threat against a company’s network, as well as the cost of hiring a security firm to track down and negotiate with blackmailers.

• Crisis Management: Covers the costs to retain public relations assistance or advertising to rebuild a company’s reputation after an incident. Coverage is also available for the cost of notifying consumers of a release of private information, as well as the cost of providing credit monitoring or other remediation services in the event of a covered incident.

For further information on cyber attack insurance cover contact: DUNCAN CLARK (Insurance Brokers) Ltd. On 01727 852299