Cyber Insurance Coverage Policies

Given the many high profile cyber security attacks last year, cyber insurance is no doubt on the mind of many corporate leaders.  According to one source, cyber insurance policy sales were up 20% last year over 2012.  Companies without cyber insurance are likely taking a fresh look at it.

 

That’s not at all surprising considering that 2013 was the year of the major Target breach affecting as many as 110 million people and counting and Neiman Marcus, with approximately 1.1 million customer cards that were breached.  There are numerous other investigations ongoing, and fresh breaches are already popping up this year, including a just announced breach at the University of Maryland.  It has been widely reported that Target had $100 million worth of cyber insurance in place.  Whether that will be enough to cover actual losses remains to be seen, especially in light of several class actions lawsuits that have surfaced.

 

Benefits of Cyber Insurance

 

Cyber insurance provides benefits including an increase in information security since insurance companies will require the adoption of best practices as a qualifying condition for insurance coverage. Since cyber-losses will have to be paid out, insurance companies have a vested interest in promoting an increase in IT security.  At the same time, improvements in cyber security will often result in lower cyber insurance rates to for companies.

 

Cyber Insurance Coverage

 

Consider buying first and third-party cyber Insurance coverage.  First-party expenses are those that directly cost the enterprise (such as lost revenues, forensics experts, etc.) while third-party expenses are those that are incurred from claims brought by those whose data was breached (class-action lawsuits).

Many insurance companies offer cyber insurance policies including:

  • AIG

  • ACE Group

  • Chubb Insurance Group

  • Travelers

Carefully review your policy to understand exactly what is covered, and what is not.  For example, bring your own device (BYOD) poses risks that some cyber security insurance policies do not cover.

Jacqueline von Ogden

Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".