What is Cyber Risk Insurance?
In today’s world, it’s hard to think of any business that isn’t reliant on technology, especially the internet—the digital super-connection that connects all devices. Invariably, this creates a cyber-risk whereby your private data and normal business functioning could come under attack by a cyber-criminal.
Cyber risk insurance is typically designed for organizations to provide protection against cyber-security related risks. It helps you keep your business running in the event of a cyber security breach and is generally designed to help businesses address any expense that might occur as the result of a data breach, including forensic investigations, business losses and notification expenses, as well as addressing lawsuits and extortion attempts.
Cyber risk insurance provides a wide range of coverage against the business losses that might occur as the result of data destruction, data theft, hacking, extortion, including forensic investigations and DoS attacks. Its coverage also encompasses the losses caused by errors and omissions, failure to protect the data, and defamation. Besides, its additional benefits also include the coverage of post-incident public relation expenses, regular security audits, and other expenses.
In addition, one can also buy a personal Cyber risk insurance policy to secure a person’s personal digital identity and data from online threats.
Why does your organization need cyber risk insurance?
Every organization that uses technology to do business faces cyber risk. In today’s world where almost, every business is going digital and many are shifting to cloud-based solutions, it is impossible to isolate from online communication or be immune from cyber risks. According to “The Economic Impact of Cybercrime –No Slowing Down Report,” it was estimated that cybercrime might cost have the world $600 billion in 2017. It was almost double the loss caused by natural and man-made disasters, combined.
Therefore, it is critical for organizations to embed cyber security risk management policies and measures at every level. Cyber risk insurance can help you maintain the continuity of your business in the event of cybercrime. Just like other types of insurance, you transfer some of your risk to the insurance company via cyber risk insurance so that you don’t have to incur the loss when a data breach occurs.
What to look for in Cyber Risk Insurance? How to Choose?
In Dubai, you will find various insurance companies offering cyber risk insurance. Similar to any other business insurance, the coverage of cyber risk insurance also varies based on the insurer and policy types.
While selecting a cyber risk insurance coverage, ask the following questions so that you know you are picking the right product for your organization:
- Does the insurance company provide one or more types of standalone cyber insurance policies? Or, is this coverage simply an extension of existing policy? A standalone policy is considered to be the best and most comprehensive.
- Does the insurance company customize the policy based on your organization’s needs?
- What are the deductibles? Just like you have deductibles with health or auto insurance policy, be sure to compare deductibles among insurers closely.
- How does cyber risk insurance coverage and limits apply to first and third parties? Does it also cover the third-party service provider? Find out if your service providers have cyber insurance and if not, how this will affect your agreement with them.
- Does the policy also cover non-malicious actions performed by an employee? This is a part of the Errors & Omissions coverage.
- Does the insurance cover social engineering along with network attacks? Social engineering involves all kinds of attacks, such as phishing and advanced persistent threats.
While you can go it alone and prepare a list of the questions mentioned above, you can also work with New Age Insurance Brokers who can help you with the above. Our specialized team will conduct a thorough due diligence process to understand your cyber environment and recommend the right kind of plan for your organization.
There are nearly a million new malware attacks every day and 62% of these attacks are carried out on small and medium business enterprises. It takes nearly 200 days to even discover that a data breach has occurred!
In the modern internet era, it is data everywhere. Data is stored, retrieved and transacted across businesses and industry. A strong IT infrastructure at times appears too weak in the face of the onslaught of cybercriminals and hackers. Cyber security related issues are becoming a big source of threat, which can either make or mar the future. The after-effects of a data breach can be daunting to overcome and painful to recover from. Loss of face, customers, pride and confidence are some of the immediate reactions. The financial loss, compensation, and legal issues are the final nails on the coffin.
Estimated Loss sustained during wannacry outbreak
During May 2017, wannacry ransomware outbreak made companies lose more than $4 billion in just under a week, infecting over 30,000 machines across the world. We will not delve further into the intricacies of the vulnerability or the technical details behind it, but rather focus on how cyber insurance can help companies tackle such attacks and overcome them with peace of mind.
How does Cyber Insurance help?
Data breach or loss or leakage of customers’ personal data is ground for hefty penalties in several countries. Privacy of data is to be ensured at all costs. Therefore, to minimize losses, under cyber insurance policies, insurance companies provide the services of a crisis-management team, (experts in cyber security), immediately when a data breach is noticed. The crisis management team arrests the further slide of data, plugs loopholes in the system, attempts to repair and rebuild company reputation and estimates the losses suffered or the costs associated with the breach.
Cyber liability cover gives both First-party and third-party. First party coverage is the loss and expenses sustained by the holder of the policy, while third-party coverage protects victims of data theft or other cyber-crimes. Cyber insurance helps a company cover the costs of compensation, penalties and the expenses associated with data protection and data retrieval. Apart from this, claims arising out of the failure of the victim to secure personally identifiable information of a third party are also covered. Regulatory actions, privacy breach and failure to detect or disclose a security failure are some of the other issues covered under cyber insurance. Even the notifications, public relations exercise (For example, informing customers not to panic or that their data and money is safe etc.), legal guidance are all included in the coverage.
The outage period or interruptions and the loss sustained due to such interruptions are covered. Ransomware infections lock a computer and demand a ransom amount to get them ‘unlocked.’ This ransom payment is also covered under cyber insurance.
The outlook for the next decade
As we get more and more electronically connected, cyber threat is real and is here to stay. It all depends on how an organization copes up with it. The effort should be to minimize the financial and other implications of the cyber attack. The ability of the organizations to make informed decisions prior to the attack and their preparedness for facing any eventuality is the key to successful crisis management. An appropriate cyber insurance policy will help you tide over the crisis with ease.
At NAIB, we know the importance of sensitive data and how it affects your business interests. Our comprehensive range of cyber security schemes covering network security, cyber liability and privacy for first and third party risks shall help you sail through the risks associated with cyber threats at competitive rates.