Cyber Insurance
Glossary

Bricking - Bricking coverage within cyber insurance pays to replace computer equipment that becomes non-functional (bricked) following a cyberattack.

Business Continuity Plan (BCP) - A plan that responds to any major disruption in business operations, typically caused by weather events, property damage, or cyberattacks. The plan includes documented steps that outline how business operations will be maintained along with regular testing exercises to validate its effectiveness. Business Continuity Plans can help substantially mitigate the impact of unplanned business disruptions and cyberattacks.

Business Interruption (BI) - Business interruption coverage under a cyber policy refers to the lost profit and extra expenses that are incurred due to a disruption in business services following a cyberattack. BI coverage has a designated waiting period that must elapse before a recovery is possible. Waiting periods essentially replace the policy retention (i.e., deductible) and are stated on an hourly basis instead of as a monetary value.

With the rise in ransomware events, BI coverage is a key component in cyber insurance and can prove crucial in saving your bottom line.  

Cloud Computing - Provides convenient, on-demand network access to a shared pool of resources allowing data storage and computing power without active user management or local servers.

Computer Forensics - A discipline that combines elements of law and computer science to collect and analyze data from computer systems in a forensically sound manner (admissible in court). The goal is to provide a structured investigation of an affected computer system, documenting and logging all evidence to determine if information was used for illegal or unauthorized activities.

Notably, cyber insurance covers the costs of forensics following a cyberattack or breach.

Crisis Management - Following a cyber breach, crisis management is a component of cyber insurance that covers the costs to notify potentially affected parties and engage with crisis management firms. Additional costs covered under crisis management may include public relations, advertising, or call center services.

Credential Stuffing - A type of cyberattack where stolen account credentials, typically consisting of lists of usernames and/or email addresses and the corresponding passwords (often from previous data breaches), are used to gain unauthorized access to user accounts through large-scale automated login requests directed against a web application. Attackers automate the logins for previously discovered credential pairs (sometimes millions) using standard web automation tools.

Credential stuffing attacks succeed because many users reuse the same username/password combination across multiple sites rather than creating unique passwords for each website login page.  
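The pattern described above (one automated source replaying many different leaked username/password pairs) is also what makes credential stuffing visible in login logs. The following is an added illustration, not code from the glossary or from Cyber Armada: it scans constructed sample log lines and flags a client IP whose failed logins in a short window are spread across many distinct usernames, which is how a stuffing run differs from a single user who mistypes their own password. The log format, thresholds and IP addresses are assumptions made for the example.

```python
"""Flag credential-stuffing patterns in web login logs (added example).

Assumed heuristic: a single client IP producing many failed logins across
many *distinct* usernames inside a short window looks like automated replay
of leaked credential pairs; a human who forgot a password fails repeatedly
against one account instead. Thresholds are illustrative.
"""
from collections import defaultdict
from datetime import datetime

# Constructed sample log lines (not real traffic).
# Fields: timestamp, client IP, username, login outcome.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z 203.0.113.7 alice FAIL
2024-05-01T10:00:02Z 203.0.113.7 bob FAIL
2024-05-01T10:00:02Z 203.0.113.7 carol FAIL
2024-05-01T10:00:03Z 203.0.113.7 dave FAIL
2024-05-01T10:00:03Z 203.0.113.7 erin SUCCESS
2024-05-01T10:00:04Z 203.0.113.7 frank FAIL
2024-05-01T10:00:05Z 203.0.113.7 grace FAIL
2024-05-01T10:05:00Z 198.51.100.9 alice FAIL
2024-05-01T10:05:20Z 198.51.100.9 alice FAIL
2024-05-01T10:05:45Z 198.51.100.9 alice SUCCESS
"""


def parse_line(line):
    """Split one log line into (timestamp, ip, username, outcome)."""
    ts, ip, user, outcome = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, user, outcome


def find_stuffing_sources(log_text, window_seconds=60,
                          min_failures=5, min_distinct_users=5):
    """Return {ip: summary} for every IP that, within some sliding window,
    produced at least min_failures failed logins spanning at least
    min_distinct_users different usernames.  The summary also lists any
    usernames that logged in successfully from that IP inside the same
    window, since those are the accounts a responder should review first."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, ip, user, outcome = parse_line(line)
        events[ip].append((ts, user, outcome))

    flagged = {}
    for ip, evs in events.items():
        evs.sort()  # sort by timestamp
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it fits in window_seconds.
            while (evs[end][0] - evs[start][0]).total_seconds() > window_seconds:
                start += 1
            window = evs[start:end + 1]
            failed = [u for _, u, o in window if o == "FAIL"]
            distinct = set(failed)
            if len(failed) >= min_failures and len(distinct) >= min_distinct_users:
                summary = {
                    "failures": len(failed),
                    "distinct_users": len(distinct),
                    "successes": sorted({u for _, u, o in window if o == "SUCCESS"}),
                }
                # Keep the worst (largest) window seen for this IP.
                if ip not in flagged or summary["failures"] > flagged[ip]["failures"]:
                    flagged[ip] = summary
    return flagged


if __name__ == "__main__":
    for ip, summary in find_stuffing_sources(SAMPLE_LOG).items():
        print(ip, summary)
```

Running the block flags only 203.0.113.7 (six failures across six usernames, plus one success for "erin" that merits a password reset and session review); 198.51.100.9, with two failures against a single account, is left alone. In a real deployment the same logic would read from the web server or identity provider's authentication log, and the thresholds would be tuned to the site's normal failure rate.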

Cryptojacking - The unauthorized use of computer systems to mine digital currency. Cybercriminals install malware or web scripts that mine digital currency on victims' computer systems, consuming massive amounts of processing power and electricity.

Cyber Security - The practice of protecting and defending digital information and assets, including computer systems, software, networks, and data, from malicious attacks or unauthorized access.

Data Recovery - Data recovery expenses include the necessary costs to recover and restore lost, corrupted, destroyed, or deleted information from backups after a business disruption.

Dual Control (2FA) - A security procedure requiring two people to authenticate a bank wire or funds transfer. Implementing dual control helps prevent fraudulent bank wires that may arise out of phishing or social engineering attempts. Dual control can be accomplished by a phone call to the bank wire recipient, verifying the transaction with an executive, or implementing formalized procedures with a financial institution.

Denial-of-Service (DoS) Attack - A cyberattack intended to make network resources or servers unavailable to their users by flooding systems with requests from a single source. Machines are typically overloaded to the point that they slow to a crawl or shut down completely. Targets typically involve web pages or platforms. The intent of DoS attacks can range from collecting extortion payments to hacktivism, with many victims left unable to determine why they became a target.

Distributed Denial-of-Service (DDoS) Attack - A wide-scale DoS attack that uses many different sources to flood network resources and servers.

Disaster Recovery Plan (DRP) - A set of procedural resources (human, physical, technical) used to recover from any major disruption in business operations. From an IT perspective, it includes restoring data, systems, or software used in daily operations. The plan is used in conjunction with a Business Continuity Plan to help restore operations in the most timely and cost-effective manner.

Funds Transfer Fraud - A cyberattack that manages to redirect seemingly legitimate company payments to cybercriminals. This type of fraud is accomplished through social engineering techniques that prey on our inherent sense of trust, typically originating from email spoofing or spear phishing.

Within cyber insurance, Funds Transfer Fraud coverage may also refer to Social Engineering, Invoice Manipulation, Electronic Crime, Computer Fraud, or Financial Fraud.  

Incident Response - The response of an enterprise to a disaster or other significant event that may significantly affect the enterprise, its people, or its ability to function productively. An incident response may include evacuation of a facility, initiating a disaster recovery plan (DRP), performing damage assessment, and any other measures necessary to bring an enterprise to a more stable status.

Invoice Manipulation - A form of Funds Transfer Fraud where a fraudulent invoice payment request is sent from a hacked company email account. Cybercriminals will often review past correspondence to mimic the sender's behavior and request payments from known customers or vendors.

Legacy System - Outdated computer systems and/or software.

Malware - Short for malicious software. Software that is designed to infiltrate, damage, or obtain information from a computer system without the owner's consent. Malware includes computer viruses, worms, ransomware, Trojan horses, spyware, and adware. See our dedicated article on malware here.

Multi-Factor Authentication (MFA or 2FA) - A combination of more than one authentication method, such as a password and a PIN that continuously changes. Multi-factor authentication helps prevent cybercriminals from using stolen passwords. Common MFA authenticators include Duo, Microsoft Authenticator, and Google Authenticator.
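The "PIN that continuously changes" produced by authenticator apps is a time-based one-time password (TOTP, RFC 6238): a shared secret and the current 30-second time step are fed through HMAC-SHA1 to yield a six-digit code. The block below is an added example, not code from the glossary or from any of the authenticator products named; it implements the standard algorithm with Python's standard library and checks it against the published RFC 4226/6238 test secret, then shows the verification step a server performs, including the small clock-drift tolerance that lets a code from the adjacent time step still be accepted. A stolen password alone does not satisfy this check because the attacker lacks the secret.

```python
"""Time-based one-time passwords (RFC 6238) in stdlib Python (added example).

Shows where the continuously changing MFA PIN comes from and how a server
verifies it.  The secret below is the RFC 4226/6238 test-vector secret,
used here only to make the expected codes reproducible.
"""
import hashlib
import hmac
import struct
import time

RFC_TEST_SECRET = b"12345678901234567890"  # published RFC test secret


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password (RFC 4226) for a given counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at_time: float, step: int = 30, digits: int = 6) -> str:
    """TOTP = HOTP with the counter set to the current 30-second time step.
    This is what the authenticator app displays."""
    return hotp(secret, int(at_time) // step, digits)


def verify_totp(secret: bytes, submitted: str, at_time: float,
                step: int = 30, digits: int = 6, drift: int = 1) -> bool:
    """Server-side check.  Accepts the code for the current time step and
    for `drift` steps on either side, so a phone whose clock is a little
    off still works.  compare_digest avoids leaking timing information."""
    counter = int(at_time) // step
    for k in range(-drift, drift + 1):
        expected = hotp(secret, counter + k, digits)
        if hmac.compare_digest(expected, submitted):
            return True
    return False


if __name__ == "__main__":
    # Live demonstration with the test secret: what the app shows right now,
    # and whether the server accepts it.
    now = time.time()
    code = totp(RFC_TEST_SECRET, now)
    print("current code:", code, "accepted:", verify_totp(RFC_TEST_SECRET, code, now))
```

Because the code is tied to the time step, a value captured by an attacker is useless once that step (and the drift window) has passed, which is why the glossary entry says MFA blunts the value of a stolen password. In production the secret is generated per user with a cryptographic random source and stored encrypted on the server; it is never the RFC test value used above.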

Network & Information Security Liability - A primary component of cyber insurance that provides coverage for 3rd party liability arising from the use of information technology. These liabilities are commonly the result of unauthorized access to data, the transmission of malicious code (computer virus), failure to provide breach notification, or failure to allow user access (DoS attack).

Cyber insurance covers the damages and defense costs that may arise as a result of Network & Information Security Liability.  

Patch - Updates that fix software programming errors and security vulnerabilities, also referred to as bug fixes. Unpatched software is one of the leading causes of data breaches.

Phishing - The fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication (email). Typically carried out by email spoofing, it often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.

Phishing is an example of social engineering, which preys on humans' inherent sense of trust, and is the root cause of most data breaches. See our dedicated article on malware here.

Ransomware - A form of malware that effectively holds a computer system hostage until a "ransom" fee is paid. Most ransomware attacks are the result of opening infected email attachments or visiting malicious websites, which then install a worm or Trojan horse. Once the systems and files are locked (encrypted), a decryption key is needed to regain access, which is provided following the ransom payment.

Payment demands are requested in cryptocurrencies (Bitcoin), which are difficult to trace.  

Ransomware is one of the most common forms of cyberattack and ransom demands are rapidly increasing, with some in the millions.

Notably, cyber insurance covers the cost associated with ransomware attacks including payment demands.

See our Coffee Break on Ransomware here.

Regulatory Defense - Following a cyber breach, regulatory defense coverage within cyber insurance includes the necessary costs to respond and defend against privacy regulation inquiries from governmental bodies. Governmental bodies may include local, state, federal, or foreign agencies. In addition to defense costs, regulatory coverage typically includes the cost of fines or penalties imposed as a result of the inquiry.

With newer and more stringent privacy laws being enacted, such as CCPA and GDPR, regulatory actions will continue to increase with higher penalties imposed.

Reputational Loss - Following a cyber breach, reputational loss coverage refers to the reduction in profit directly caused by negative press or an adverse public view. Businesses will often experience a drop in sales and consumer confidence after a breach becomes public, and reputational loss coverage can pay for this financial loss.

Risk Transfer - The process of assigning risk to another enterprise, usually through the purchase of an insurance policy.

Service Fraud - Coverage within cyber insurance for the fraudulent use of internet-based services, resulting in unforeseen charges and financial loss. Standard internet-based services include VoIP (phone), Internet (ISP), Cloud Storage (AWS/Azure/Dropbox), or any Software-as-a-Service (SaaS). Cybercriminals hack VoIP systems to make calls or install malware that mines digital currency, known as cryptojacking, leaving victims with massive service fees.

Notably, Service Fraud coverage may also refer to Telecommunications Theft or Cryptojacking.

Social Engineering - The act of manipulating an individual into divulging confidential information or performing actions. Cybercriminals exploit our inherent sense of trust, causing individuals to divulge passwords or fraudulently send funds.

Notably in cyber insurance policies, Social Engineering Coverage often refers to fraudulent funds transfer coverage where employees are manipulated (duped) into sending funds to cybercriminals.

This article is made available for informational purposes and is not intended to be a substitute for professional or legal advice. No attorney client relationship is formed or implied between you and the authors(s) or Cyber Armada Insurance.