Cyber insurance
Cyber insurance covers the losses relating to damage to, or loss of information from, IT systems and networks.
Technology, social media and transactions over the Internet play key roles in how most organizations conduct business and reach out to prospective customers today. Those vehicles also serve as gateways to cyberattacks.
More and more attacks are likely to occur and can cause moderate to severe losses for organizations large and small. As part of a risk management plan, organizations routinely must decide which risks to avoid, accept, control or transfer. Transferring risk is where cyber insurance comes into play.
Do I need it?
As a business of any size, it is likely you will rely on information technology (IT) infrastructure to some degree. If so, you will be exposed to the risks of business interruption, income loss, damage management and repair, and possibly reputational damage if IT equipment or systems fail or are interrupted.
A UK Government survey estimated that in 2014 81% of large corporations and 60% of small businesses suffered a cyber breach. The average cost of a cyber-security breach is £600k-£1.15m for large businesses and £65k-115k for SMEs.
While existing insurance policies such as commercial property, business interruption or professional indemnity insurance, may provide some elements of cover against cyber risks, businesses are increasingly buying specialised cyber insurance policies to supplement their existing insurance arrangements, particularly if they:
hold sensitive customer details such as names and addresses or banking information;rely heavily on IT systems and websites to conduct their business;process payment card information as a matter of course.
What does it cover?
With its roots in errors and omissions (E&O) insurance, cyber insurance began catching on in early 2000's
Cyber insurance covers the losses relating to damage to, or loss of information from, IT systems and networks. Policies generally include significant assistance with and management of the incident itself, which can be essential when faced with reputational damage or regulatory enforcement.
Generally cyber risks fall into first party and third party risks. Insurance products exist to cover either or both of these types of risk.
First-party insurance covers your business’s own assets. This may include:
Loss or damage to digital assets such as data or software programmesBusiness interruption from network downtimeCyber exhortation where third parties threaten to damage or release data if money is not paid to themCustomer notification expenses when there is a legal or regulatory requirement to notify them of a security or privacy breachReputational damage arising from a breach of data that results in loss of intellectual property or customersTheft of money or digital assets through theft of equipment or electronic theft
Third-party insurance covers the assets of others, typically your customers. This may include:
Security and privacy breaches, and the investigation, defence costs and civil damages associated with themMulti-media liability, to cover investigation, defence costs and civil damages arising from defamation, breach of privacy or negligence in publication in electronic or print mediaLoss of third party data, including payment of compensation to customers for denial of access, and failure of software or systems
No comments:
Post a Comment