How Prepared Are You for Cyber Security Threats

The information age allows us to collect more data, store more data and extract information around the globe 24/7. This access to private and sometimes sensitive information can significantly increase a company’s vulnerability to cyber security threats - any of which can result in significant out-of-pocket and reputational costs that can devastate the bottom line.

How prepared is your organisation for:

• Costs related to forensic investigations, and disaster recovery related to theft on non-public privacy information or personal records?
• An e-business interruption including expenses that result from a security failure or internet virus?
• A cyber extortion threat?
• Costs related to privacy notification, crisis management costs, credit monitoring?
• A lawsuit stemming from a security failure or alleged technology error or omission that results in damages to customers?
• A regulatory proceeding seeking fines or penalties as a result of actual or potential unauthorised access to private information?

The World Wide Web has no boundaries and as business models evolve through the use of new technologies, so must traditional insurance programmes and risk management practices.

Businesses may be operating under the belief that their existing insurance policies are enough to cover their data security and privacy exposures. Unfortunately, this is not the case and traditional insurance policies may be inadequate to respond to the exposures organisations face today.

Consider these traditional policies:

• General Liability policies typically trigger in response to Bodily Injury (BI) and Property Damage (PD) claims. A cyber-attack usually will not involve either BI or PD. General Liability policies typically don’t offer any first-party costs.
• Property/ISR policies typically respond to destruction or damage to tangible property resulting from a physical peril. The tangible loss then permits the business interruption and extra expense cover to respond. A cyber-attack can cause no physical damage, yet the attack can shut down a business resulting in substantial expense costs and lost income.
• Crime policies typically respond to direct loss from employee theft of tangible property and money or securities. Computer crime extensions usually exclude any third-party liability cover and don’t cover the loss of confidential information.

When it comes to a data security breach or privacy loss, it isn’t a matter of whether it will happen but when it will happen. So when it does happen, you’ll need comprehensive protection from an insurer that specialises in handling cyber risks, offers a full suite of integrated insurance solutions to help minimise gaps in coverage, and understands how to tailor coverage to your business.

Disclaimer: The article serves merely as a guide and is general in nature. It does not constitute professional advice nor does it take into account your organisation’s nature of business or the level of preparation your organization has taken against cyber threats. Please consult your local IT advisors to ensure that your organisation’s IT systems are fully equipped against potential cyber threats.