Cyber Security Insurance: Coverage, Claim & Exclusions

What is cyber insurance?

Unfortunately, data breaches and other cyber crimes are becoming way too common. In the past couple years, data breaches have resulted in major fines and legal fees – not to mention headaches – for a discount retail chain, one of the nation’s largest banks, a well-known health insurer, an entertainment network and the federal government.

But it’s not just large organizations that are susceptible to being hacked or getting a virus. Did you know that 55% of small businesses have experienced a data breach and that 53% have had multiple breaches?1

A data breach can damage more than just your small-business computer system – it also can damage your reputation and put your customers and/or employees at risk. That’s why cyber insurance can be a smart precaution for any size business.

Types of Cyber Security Insurance

This insurance can be classified under two headings:

  1. Individual Cyber Security Insurance: It is meant for the daily online users. The policy covers risks associated with fraudulent activities like identity theft, malware attacks, cyber stalking, IT theft loss and social media liabilities.
  2. Cyber Liability Insurance: It covers cyber risks associated with IT firms. It is an IT firm’s liability when it stores customers’ personal and financial data on the servers.

What all Cyber Security Insurance Covers?

Cyber security insurance coverage can be classified under the following heads:

  1. Identity Theft: Use, deletion or alteration of personal data stored on the computer:
    • It covers prosecution costs which arise when a case is filed against a third party.
    • Cost of transportation to the court and photocopying of documents.
  2. Social Media Liability: Identify theft occurring on social media account.
    • It covers prosecution costs which arise while filing a legal case against a third party.
    • Costs of transportation to the court and photocopying of documents.
  3. Cyber Stalking: Using digital media to harass or frighten an online user.
    • Costs which arise when a legal case is raised against a third party.
  4. Malware Attacks: This is a computer program which is received through texts, file transfer, downloaded programs or malicious activities on digital devices.
    • It covers restoration cost of damage to the digital device caused by malware.
    • Costs of transportation to the court and photocopying of documents.
  5. IT Theft Loss: Cyber intrusion in the computer which led to unauthorized payment to third parties.
    • Financial loss due to IT theft.
    • Legal expenses which arise from a claim lodged by a third party.
    • Prosecution cost against a third party for causing IT theft.
  1. Phishing: Unauthorized access to usernames, passwords and credit card details.
    • Financial loss due to loss of sensitive information.
    • Prosecution costs which arise against a third party for phishing attack.
  2. Email Spoofing: Forgery or manipulation of email headers so that the recipients understand that the email is from the actual source.
    • Financial expenses arising out of email spoofing.
    • Prosecution costs which are against a third party.
  3. Media Liability Claims: Unintended publication or broadcast of any digital content as a result of cyber-attack.
    • Prosecution costs to claim compensation from a third party.
    • Costs of transportation to court and photocopying of documents.
  4. Cyber Extortion: Threat to cause privacy breach, cyber attack or data breach.
    • Loss caused by such threats.
    • Prosecution costs which arise when claiming compensation costs from a third party.
  5. Privacy & Data Breach by third party: Unauthorized disclosure of personal data.
    • Legal expenses insured to claim compensation from a third party when any of the above mentioned breaches arises.

Cyber Security Insurance Benefits

  1. Combined benefit of third-party (cyber liability) and first-party (cyber crime expense) coverage.
  2. Broad definitions of “computer” and “system” address enterprise wide network exposure, including laptops, disk drives, backup tapes, and mobile devices.
  3. No exclusion for fraudulent or malicious acts by employees.
  4. Disclosure Liability coverage extends to outsourced data processing and data storage services.
  5. Privacy notification expenses coverage is triggered without a requirement for a claim or a regulatory requirement mandating the notification.
  6. Covers Cyber hacking and cyber attack incidents.