The information age allows us to collect more data, store more data and extract information around the globe 24/7. This access to private and sometimes sensitive information can significantly increase a company’s vulnerability to cyber security threats - any of which can result in significant out-of-pocket and reputational costs that can devastate the bottom line.
How prepared is your organisation for:
- Costs related to forensic investigations, and disaster recovery related to theft of non-public information or personal records?
- An e-business interruption including expenses that result from a security failure or internet virus?
- A cyber extortion threat?
- Costs related to privacy notification, crisis management costs, credit monitoring?
- A lawsuit stemming from a security failure or alleged technology error or omission that results in damages to customers?
Gaps in Traditional Insurance
The World Wide Web has no boundaries and as business models evolve through the use of new technologies, so must traditional insurance programmes and risk management practices.
Businesses may be operating under the belief that their existing insurance policies are enough to cover their data security and privacy exposures. Unfortunately, this is not necessarily the case and traditional insurance policies may be inadequate to respond to the exposures organisations face today.
Consider these traditional policies:
- General Liability policies typically trigger in response to Bodily Injury (BI) and Property Damage (PD) claims. A cyber-attack usually will not involve either BI or PD. General Liability policies typically don’t offer any first-party costs.
- Property/ISR policies typically respond to destruction or damage to tangible property resulting from a physical peril. The tangible loss then permits the business interruption and extra expense cover to respond. A cyber-attack can cause no physical damage, yet the attack can shut down a business resulting in substantial expense costs and lost income.
- Crime policies typically respond to direct loss from employee theft of tangible property and money or securities. Computer crime extensions usually exclude any third-party liability cover and don’t cover the loss of confidential information.
To guard your business against the risk of a data security breach or the loss of confidential or personal information, consider seeking cover from an insurer that specialises in handling cyber risks, offers a full suite of integrated insurance solutions to help minimise gaps in coverage, and understands how to tailor coverage to your business.