Cyber Liability: Risks, Exposures, and Coverage
Cyber liability, often referred to as network security and privacy liability, is a risk that is inherent to every organization. With cyber threats growing in frequency and intensity, it is imperative to have a highly specialized and technical professional focused on evaluating and securing the proper coverage for your business.
What Is A Cyber Liability Policy?
In its broadest sense, cyber liability serves to protect the insured entities and individuals from claims made against them for defense costs and damages arising from a breach of their networks or the wrongful dissemination of private material. The policy also contains an extraordinarily valuable “first party” element, wherein coverage is provided for the costs incurred by an insured entity upon discovering a breach. Most carriers also provide a data breach coach or claims team to help coordinate the various elements necessary to appropriately respond to a breach and comply with regulatory requirements.
Since organizations hold or are responsible for the collection and storage of sensitive employee and customer data (whether subcontracted out to a third party or not), this exposure is ever-present.
What Does A Cyber Liability Policy Cover?
- Data Breach and First Party Costs
- Covers defined expenses commonly associated with a data breach. This includes costs associated with data breach counsel, computer forensics analysis, privacy regulations compliance, notification and credit monitoring services for affected individuals, and public relations or crisis management services to restore a company’s reputation.
- Network Security and Privacy Liability
- Covers liability of the organization arising out of the failure of network security, including unauthorized access or unauthorized use of corporate systems, a denial of service attack, or transmission of malicious code. Internet media liability Covers infringement of copyright or trademark, invasion of privacy, libel, slander, plagiarism, or negligence arising out of the content on the organization’s website.
- Cyber/Network Extortion
- Covers monies and associated expenses arising out of a criminal extortion threat to release sensitive information or gain unauthorized access to a network.
- Business Interruption
- Covers lost income or extra expenses in the event that the network is inaccessible for an extended period of time.
- Digital Asset Restoration Costs Coverage
- Covers costs incurred to replace, restore, or recollect data and/or network resources lost or destroyed resulting from unauthorized access to the system.
- Regulatory Coverage
- Provides coverage for regulatory proceedings brought by a government agency alleging the violation of any state, federal, or foreign identity theft or privacy protection legislation.
- Cyber Terrorism Coverage
- Covering financial damages an insured is legally liable for arising from an act that is certified by the Secretary of the Treasury to be an act of terrorism pursuant to the federal Terrorism Risk Insurance Act.
- Payment Card Industry Standards Compliance Coverage
- Covers damages as well as payment card loss, which the insured is legally obligated to pay resulting from non-compliance with the payment card industry data security standard.
- Social Engineering Fraud
- Social engineering fraud, or “fraudulent inducement,” is an emerging risk gaining widespread attention in the marketplace. This exposure is often addressed under a crime of fidelity policy, however, has potential overlap and implications to cyber risk. This coverage provides for indemnification of the loss of monies and securities caused by a fraudulent inducement to transfer funds to a third party purporting to be a customer or vendor.