Cyber exposure is the potential magnitude of a cyber loss.
Cyber insurance buyers need to understand their cyber exposure in order to understand their cyber insurance needs. This is often put into the context of business interruption (BI):
Loss of Revenue
Loss of Customers
Information at Risk
Ultimately, a robust, comprehensive stand-alone cyber insurance policy with appropriate business interruption (BI) limits is an important cyber risk management tool.
The adage is: It is not IF you will be the victim of a cyberattack but WHEN.
That means a business, organization, university or governmental body may encounter a cyberattack at any time regardless of their size or level of security.
The ideal, is to get the coverage you need for your particular cyber risk -- because it will be used at some point.
Unlike the probability of a fire when you acquire fire insurance, there is a greater probability that you will in fact use your cyber coverage, in particular, the first party coverages which are an added value discussed here in the FAQs.
Reports indicate that:
Cyber liability refers to the financial responsibility of a company to pay for damages with regard to exposure of private information and / or other damages caused by computer systems and networks, whether by malice or by accident.
Cyber insurance is a financial risk transfer product that helps protect organizations from cyber risks by transferring those risks away from the insured.
Cyber insurance is unique in that it offers multiple coverages such as network security and privacy liability and media liability in a non-standardized policy.
In essence, businesses transfer their cyber risk via a stand-alone cyber insurance policy. That means:
This type of insurance requires a high level of knowledge on the part of your insurance partners. We provide that knowledge via our team and our insurance carrier partners.
Covers first-party claims against your business in the event of network security failure; which can include a data breach, malware infection, cyber extortion demand, ransomware, or business email compromise.
First Party Coverage under a cyber policy offers you important services to help your business respond in accordance with legal requirements and to assure that your financial situation and reputation remain as close to pre-attack levels as possible.
First Party coverage applies to the policyholder's direct costs when a security failure or data breach occurs.
In addition to the benefits of First Party Coverage, cyber insurance provides Third Party Coverage as an added value.
Third Party Coverage applies if you need to pay damages to injured parties, including lawsuits or regulatory action.
Media liability refers to the potential damages that may arise from the publishing and dissemination of content. This includes exposures such as copyright infringement, trademark infringement, libel, & slander. Cyber policies include coverage for these media perils as it relates to their websites and online content, including social media and networking sites. The most common example of a media peril covered under a cyber policy includes posting copyrighted photos to a website without the appropriate permission or release from the owner.
No. These insurance policies, referred to as non-affirmative cyber policies, were not intended to cover cyber losses.
In recent years, we've seen coverage disputes decided in a court of law. Some but not all courts have granted cyber coverage under non-cyber insurance policies. This is referred to as Silent Cyber. That means, even though the policy did not specifically grant or deny cyber coverage, and thus was silent, a court found coverage for the insured.
This is a risky and costly road to take in order to find cyber coverage.
The best road to choose is to have a cyber insurance specialty agent help you find the stand-alone cyber insurance policy appropriate for your cyber exposure and cyber risk.
Better security can be presented to and considered by the insurance carrier.
The key is to qualify for the most robust, comprehensive coverage offered.
Over time, the more a business can demonstrate good cyber hygiene, the more likely they will be assessed as a lower cyber risk be underwriters.
On the other hand, poor cyber hygiene could negatively impact your premium.
Overall security hygiene as well as cyber exposure and risk (as noted above).
Europe is now covered by the world's strongest data protection rules. The European Union (EU) General Data Protection Regulation (GDPR), which came into force on May 25, 2018, is designed to modernize laws that protect the personal information of individuals in the EU.
The GDPR includes:
The stakes are high as businesses seek to avoid fines and penalties for non-compliance as well as costly litigation following data breaches.
The passage of GDPR was a watershed event and has inspired new regulation in other jurisdictions.
Mostly notably, businesses in the US are now contemplating their compliance requirements under state privacy laws, some effective in 2020 and others anticipated later.
The California Consumer Privacy Act (CCPA) is a state statute that grants California consumers the right to know about and control the personal information that businesses collect about them.
Since compliance with the GDPR does not ensure compliance with the CCPA, businesses are relying upon the advice of counsel to navigate toward compliance.
As under the GDPR, the stakes are high here as well. Businesses are seeking to comply in order to avoid fines and penalties for non-compliance as well as costly litigation following data breaches.
We're ready to talk when you are. You can schedule an appointment to speak with a representative from Cyber Armada when it is most convenient for you. Whenever possible we use online meetings to increase productivity and increase the amount of time we can spend with you. We use Zoom Meetings as our preferred video conferencing platform.