WHAT IS CYBER INSURANCE & WHY IS IT A “MUST HAVE”
Technology is now such an essential part of our lives: especially in business. Whether a small start-up or a large established business, no enterprise is “immune from the invisible infection” caused by Cyber viruses. It’s the biggest emerging “epidemic” yet it’s a straightforward condition to treat!
Cyber Insurance, also referred to as Cyber Liability or Cyber Risk Insurance, is an insurance cover designed to protect individuals and organizations from the unforeseen costs involved to recover from or contain a cybersecurity breach such as spyware, malware, ransomware, hacking or data protection violation.
The headaches caused by such online events can be huge and the losses hard to quantify since they are not only limited to direct risks but also those that are consequential and intangible such as disruption and reputational damage. A good Cyber Insurance can help to protect you so that in the event of such attack on your IT infrastructure, you get practical, expert help to manage and contain the situation as well as financial assistance to cover your losses.
WHAT’S COVERED UNDER A CYBER INSURANCE POLICY?
So, what are the main benefits provided by such a Policy? We’ve summarised the key features below:
- Any business interruption loss (caused by a ransomware attack, a distributed denial of service attack, operator error (accidental deletion of data) or any other virus or malware that prevents you from trading
- Business interruption losses and any costs to minimise a cyber extortion threat (where a third party has stolen your data or threatened a denial of service attack)
- Costs to restore data that has been accidentally deleted, corrupted, destroyed or encrypted by a virus or malware
- Costs incurred due to any accidental breach or copyright or defamation (libel and slander)
- Your liability for losses caused to third parties by your transmission of any virus, malware or ransomware
- Any event that leads to your cloud or outsource provider not being able to supply the agreed service
- Your liability for the loss of personal data or breach of any privacy legislation anywhere in the world. Note that different countries have different rules, regulation and legislation applicable when it comes to data protection. Insurers may provide the services of IT forensics to establish what happened, legal advice to help you defend any class actions and public relations advice to help you contain reputational damage (think “Twitter” breach!)
- Your liability for any fines and penalties imposed by any bank or payment card company following the loss of credit card data, including all legal costs incurred whilst protecting you against a valid claim
The services of specialist IT Forensics to assist you in the event of a cyber loss or attack.
WHAT ARE THE KEY AREAS THAT A CYBER INSURANCE POLICY DOESN’T COVER?
It should be noted that there are some losses or costs that typically will not be covered under Cyber insurance. These include:
- Predicted, potential or future lost profits
- Any business devaluation due to theft of your Intellectual Property (designs, moulds, specifications, etc)
- Any costs you have incurred in improving your own technology and systems internally, including any software or security upgrades that you have purchased and installed following a cyber event (insurance seeks to put you in the same position that you were prior to suffering a loss; any improvement is seen as “betterment” and this is not covered)
- Any physical damage to your hardware (eg. accidental damage, water damage, fire) and/or breakdown of the equipment
- Any monies that you have transferred from your account as a result of/in response to any phishing attack
You should consider each of these areas of non-insurance carefully and create a robust contingency plan to cover your exposure. For example, taking out warranty insurance to cover your equipment in case of breakdown; material damage insurance to cover any physical damage to your hardware (such as electrical fire or water damage). You should also put processes and checks in place to safeguard your potential to Fraud (maybe Fraud training for your employees) and taking out suitable patents or Intellectual Property Insurance to cover your unique designs, moulds, creative ideas etc.
HOW CAN I GET CYBER INSURANCE, IT SOUNDS COMPLICATED!
Anyone can apply for Cyber Insurance: whether an individual, small business or large organisation. Insurers will generally ask for basic security and housekeeping measures to be met as a term and condition of the Policy and these are generally:
- A commercial (not Home edition) firewall and anti-virus software
- Proof of data back-up every 7 days or less
- A risk improvement could also be proof of storing backed-up data offsite
You’ll need to have considered these factors and show Insurers that you are committed to putting such protections in place even if you don’t have them arranged already. Failure to do so would invalidate any future claims and even if you choose not to take out the insurance, it would be wise to have these measures sorted anyway.
So, how can Cyber Insurance be arranged and is it easy?
Of course you could try to obtain this insurance yourself but why not simply use our expertise? In partnership with the UAE’s leading Cyber Insurers, InsuranceMarket.ae is able to arrange cover for SMEs and micro-businesses. We’ve devised a simple, single page Proposal Form to enable us to get terms. Contact InsuranceMarket.ae and let us help you protect the risks you can see as well as the ones you can’t.