Protecting against the high cost of cyberfraud
The role of cyber liability insurance in your risk management strategy
Cybercrime, particularly ransomware, has been on a steady upswing. Victimized companies face costly consequences, including lost dollars and staff time to resolve the matter and a tarnished reputation with customers and the public. In response, many firms are buying cyber liability insurance.
"Network security and privacy" is the general heading for the policies that property and casualty (P&C) carriers offer to cover cyberattacks. Here are some common coverage areas in a comprehensive policy:
- Third-party liability – This includes the cost of defending against litigation initiated by customers and employees claiming to have been damaged
- First-party (i.e., the insured) basic expenses – Examples include costs related to hiring cyber forensic experts to investigate and fix the source of the breach, and notifying impacted parties
- Additional first-party expenses – Data restoration expenses, lost revenue due to business interruption and costs related to external public relations services
- Extortion payment – In ransomware attacks, it's often necessary to pay a ransom, while at the same time identifying and minimizing or eliminating the vulnerability that led to the successful attack
- Liability for website content – A variety of liabilities arise from having a company website, including potential theft of proprietary content
- Health Insurance Portability and Accountability Act (HIPAA) defense and penalties – Exposure of protected private health care data, whether belonging to employees or others (in the case of a health care provider or insurer), can have costly consequences
- Payment Card Industry Data Security Standard (PCI DSS) penalties – Such costs can be incurred if procedures for processing customer credit and debit card payments don't satisfy PCI DSS requirements and cardholder accounts are compromised
Current annual premium revenue for cyber insurance is in the $3 billion to $4 billion range, but it is expected to reach $20 billion by 2025, according to the Financial Times.1
The cost of comprehensive cyber policies is generally competitive in today's market, with many new insurance carriers regularly entering the market as demand grows. Cyber policy premiums as a portion of a typical company's total P&C coverage expense will be small. However, costs vary not only by coverage limits but also by industry sector and "record count exposure"—the number of personally identifiable information files in corporate systems.
The daunting variety and complexity of cyber policies can be overcome by working with an experienced broker with expertise in this rapidly evolving field. Given the accelerating growth of cybercrime, taking the steps to be insurable and secure appropriate insurance protection is more critical than ever.
Interested in more detail?
Want to explore more topics?
Planning a successful future for your family business enterprise
An effective succession plan is far more than the selection of a successor. It also includes ongoing leadership development and communications to help avoid unnecessary conflicts and to meet the needs of both the business enterprise and family members.
Protecting the future of your business
While making sure their current strategies are on target and operations are in sync, business owners also should look beyond today to ensure that plans and processes are in place to protect the long-term best interests of their companies and their families.