Cyber Liability Insurance

Cyber Liability

Many small and medium businesses think that they are not likely targets for a cyber-attack, believing that only large corporates, banks and government institutions appeal to cyber criminals. The reality is that any entity that conducts any aspect of its business online and holds any sensitive data – employee or client records, banking and payment details of staff, customers or own, market strategies or financials, payroll information, medical or academic records or any other sensitive data – is a potential target. The Canadian Government's "Get Cyber Safe" initiative states that 40% of a small business' worth is derived from the data that it owns. 90% of small and medium-sized businesses surveyed believed that a hack of their data would have catastrophic consequences for their business, while 50% did not think that they were a target for cyber criminals. Yet 40% of all cyber-attacks in 2011 were on small and medium sized businesses – most likely because their less robust security measures, policies and firewalls make them easy pickings for hackers. (Aon Newsletter July 2016)

With the promulgation of The Protection of Personal Information Act (‘POPI’), with its stringent requirements to protect the privacy of any individual’s personal information that you may be storing and harsh penalties for breach of those provisions, all businesses/entities/associations should seriously consider taking out this insurance if their company holds personal information about clients, employees, customers or anyone else, especially if they hold banking/credit card details or any other information of a highly confidential nature.

Cyber-liability insurance can be arranged to provide cover for the following:

  • Expenses for security specialists, attorneys, forensic investigators and loss adjusters to contain, manage and recover from a cyber-incident
  • Network/business interruption to compensate the organisation for system downtime and consequent loss of earnings as a result of a breach
  • Costs to restore/recover data and operations
  • Increased cost of working following a breach
  • Costs for communications during the crisis, especially to keep affected parties informed
  • Notifications to affected parties
  • Public relations campaigns to limit reputational damage
  • Remediation services to safeguard affected parties, e.g. credit monitoring
  • Defence and settlement third-party liability claims arising from the compromised data, e.g. victims of fraud resulting from their data being compromised, or clients whose IP has been leaked to a competitor, suing for damages
  • Defence and settlement of third-party liability claims as a result of system security failures causing harm to third-party systems and data
  • Cyber-extortion
  • Fines and penalties, to the extent insurable by law. These can be significant, for example, the POPI Act makes provision for fines of up to R10 million
  • losses arising out of data privacy or security breaches arising from malicious or negligent acts carried out by employees.
  • A major benefit to cyber liability insurance is that it provides cover for what has typically been an uninsurable risk. Traditional insurance products generally require physical or tangible damages in order to trigger cover, or specifically exclude cyber or data related events. Suffering a cyber-type attack or privacy breach is unlikely to trigger traditional insurance products and it is in this area that a cyber policy comes to the fore, given that they are specifically designed to respond to cyber-related incidents

    Using a traditional business interruption policy, something like a distributed denial of service (DDOS) attack is unlikely to result in physical damage to your data center or underlying servers. A traditional business interruption policy would thus not be triggered to cover lost earnings resulting from the system interruption, a cyber-liability policy is however designed to respond to such incidents.

    Application Form

Cyber Liability Insurance

Copyright© 2013   |   Disclaimer  |   Privacy Policy
designed by akimbo designs