Cyber Insurance
Glossary

Business Continuity Plan (BCP) - A plan that responds to any major disruption in business operations, typically caused by weather events, property damage, or cyberattacks. The plan includes documented steps that outline how business operations will be maintained along with regular testing exercises to validate its effectiveness. Business Continuity Plans can help substantially mitigate the impact of unplanned business disruptions and cyberattacks.

Business Interruption (BI) - Business interruption coverage under a cyber policy refers to the lost profit and extra expenses that are incurred due a disruption in business services following a cyberattack. BI coverage has a designated waiting period that must elapse before a recovery is possible. Waiting periods essentially replace the policy retention (i.e., deductible) and are stated on an hourly basis, instead of monetary value.

With the rise in ransomware events, BI coverage is a key component in cyber insurance and can prove crucial in saving your bottom line.  

Cloud Computing - Provides convenient, on-demand network access to a shared pool of resources allowing data storage and computing power without active user management or local servers.

Computer Forensics - A discipline that combines elements of law and computer science to collect and analyze data from computer systems in a forensically sound manner (admissible in court). The goal is to provide a structured investigation of an effected computer system, documenting and logging all evidence to determine if information was used for illegal or unauthorized activates.

Notably, cyber insurance covers the costs of forensics following a cyberattack or breach.

Crisis Management - Following a cyber breach, crisis management is a component of cyber insurance that covers the costs to notify potential effected parties and engage with crisis management firms. Additional costs covered under crisis management may include Public Relations, Advertising, or Call Center.

Cyber Security - The practice of protecting and defending digital information and assets including computers systems, software, networks, and data from malicious attacks or unauthorized access.

Data Recovery - Data recovery expenses include the necessary costs to recover and restore lost, corrupted, destroyed, or deleted information from backups resulting from a business disruption.

Dual Control (2FA) - A security procedure requiring two people to authenticate a bank wire or funds transfer. Implementing dual control helps prevent fraudulent bank wires that may arise out of phishing or social engineering attempts. Dual control can be accomplished by a phone call to the bank wire recipient, verifying the transaction with an executive, or implementing formalized procedures with a financial institution.

Denial-of-Service (DoS) Attack - A cyberattack intended to make network resources or servers unavailable to their users by flooding systems with requests from a single source. Machines are typically overloaded to the point that they slow to a crawl or shut down completely. Targets typically involve web pages or platforms. The intent of DoS attacks can range from collecting extortion payments to hacktivism, with many victims left unable to determine why they became a target.

Distributed Denial-of-Service (DDoS) - attack is a wide scale DoS attack that uses many different sources to flood network resources and servers.

Disaster Recovery Plan (DRP) - A set of procedural resources (human, physical, technical) used to recover from any major disruption in business operations. From an IT perspective, it includes restoring data, systems, or software used in daily operations. The plan is used in conjunction with a Business Continuity Plan to help restore operations in the most timely and cost-effective manner.

Incident Response - The response of an enterprise to a disaster or other significant event that may significantly affect the enterprise, its people, or its ability to function productively. An incident response may include evacuation of a facility, initiating a disaster recovery plan (DRP), performing damage assessment, and any other measures necessary to bring an enterprise to a more stable status

Legacy System - Outdated computer systems and/or software.

Malware - Short for malicious software. Software that's designed to infiltrate, damage or obtain information from a computer system without the owner’s consent. Malware includes computer viruses, worms, ransomware Trojan horses, spyware and adware. See our dedicated article on malware here.

Multi-Factor Authentication (MFA or 2FA) - A combination of more than one authentication method, such as a password and a PIN (that continuously changes). Multifactor authentication helps prevent cybercriminals from using stolen passwords. Common MAF authenticators include DUO, Microsoft Authenticator, or Google Authenticator. 

Patch - Updates that fix software programming errors and security vulnerabilities, also referred to as bug fixes. Unpatched software is one of the leading causes of data breaches.

Phishing - The fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication (email). Typically carried out by email spoofing, it often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.

Phishing is an example of social engineering, which prays on humans’ inherent sense of trust, and is the root cause of most data breaches. See our dedicated article on malware here.

Ransomware - Is a form of malware that effectively holds a computer system hostage until a "ransom" fee is paid. Most ransomware attacks are the result opening infected email attachments or visiting malicious websites, which will then install a worm or Trojan horse. Once the systems and files are locked (encrypted) a decryption key is needed to regain access, which is provided following the ransom payment.

Payment demands are requested in cryptocurrencies (Bitcoin), which are difficult to trace.  

Ransomware is one of the most common forms of cyberattack and ransom demands are rapidly increasing, with some in the millions.

Notably, cyber insurance covers the cost associated with ransomware attacks including payment demands.

See our Coffee Break on Ransomware here.

Regulatory Defense - Following a cyber breach, regulatory defense coverage within cyber insurance includes the necessary costs to respond and defend against privacy regulation inquiries from governmental bodies. Governmental bodies may include local, state, federal, or foreign agencies. In addition to defense costs, regulatory coverage typically includes the cost of fines or penalties imposed as a result of the inquiry.

With newer and more stringent privacy laws being enacted, such as CCPA and GDPR, regulatory actions will continue to increase with higher penalties imposed.

Risk Transfer - The process of assigning risk to another enterprise, usually through the purchase of an insurance policy.

Social Engineering - The act of manipulating an individual into divulging confidential information or performing actions. Cybercriminals exploit our inherent sense of trust, causing individuals to divulge passwords or fraudulently send funds.

Notably in cyber insurance policies, Social Engineering Coverage often refers to fraudulent funds transfer coverage where employees are manipulated (duped) into sending funds to cybercriminals.

This article is made available for informational purposes and is not intended to be a substitute for professional or legal advice. No attorney client relationship is formed or implied between you and the authors(s) or Cyber Armada Insurance.
Application

Apply for Cyber Insurance Online

Answer a few questions online and Cyber Armada will design a cyber insurance policy tailored to your particular needs.

Apply Online
Apply for Cyber Insurance
Schedule an appointment with Cyber Armada
Appointment

Can we talk?

We're ready to talk when you are. You can schedule an appointment to speak with a representative from Cyber Armada when it is most convenient for you. Whenever possible we use online meetings to increase productivity and increase the amount of time we can spend with you. We use Zoom Meetings as our preferred video conferencing platform.

Schedule Appointment
Newsletter

Stay up to date

Sign up to stay current with all the developments concerning cyber security, cyber insurance, and the cyber threats facing your organization.

Your privacy is important to us. Cyber Armada will not share your information with any third parties.