What does a cyber insurance policy cover?
Digital transformation has amplified the cyber risks faced by organizations of all sizes. Cyber insurance coverage can offer protection — but not all policies are alike. Here are some key considerations to help find the right fit.
Overview
Technology is the most significant driving force of change in today's digital economy. However, the innovations that have allowed businesses to thrive with nothing but a digital presence have accelerated digital risks, including cybersecurity incidents such as ransomware, data breaches, business email compromise, etc.
Cyber crime is a lucrative criminal business model, and organizations of all sizes can fall victim to a cyber attack. In the second half of 2022, claims severity rose 56% for small businesses, showing that victims are often targets of opportunity. Cyber insurance provides coverage for financial, tangible, and intangible losses when digital risk transforms into a cyber incident.
Cyber incidents can damage more than computers and mobile devices. Businesses can suffer irreparable harm to their critical data, finances, and reputation. The right cyber insurance coverage can mean the difference between ceasing operations and getting back to business quickly.
The average ransom demand in H1 2022 was $1.8 million*. Protect your organization by partnering with Coalition.
In this article
Additional Resources:
How to evaluate cyber insurance coverage
Cyber criminals use a variety of attack tactics and techniques to extort or manipulate organizations for financial gain. Cyber insurance coverage protects organizations against the robust set of attacks hackers have at their disposal.
Cyber insurance is not designed as a one-size-fits-all, unlike other standard business risk policies, such as General Liability and Property. Whether you are evaluating the adequacy of your current cyber coverage or in the market to add cyber coverage insurance, work with an experienced broker who can help you understand the nuances between policies, and carefully review policy details and coverages. All policies are not created equal.
What are the five main areas covered under cyber liability?
Not all cyber liability insurance policies are created equal, and cyber insurance coverage can vary between carriers and policies. To adequately protect your organization against digital risks, look for coverage that will make your organization whole if you experience one of the most common cyber events.
Funds transfer fraud coverage can replace or clawback funds One of the easier ways to monetize cyber crime is through funds transfer fraud (FTF), which threat actors often perpetuate through social engineering techniques like phishing or business email compromise (BEC). Once criminals have access to your business mailbox, they can manipulate your contacts and modify payment instructions, sometimes without even triggering any security alerts. Funds transfer fraud coverage should cover incidents where a cyber criminal misdirects funds. Coalition's claims team will work with law enforcement and the appropriate financial institutions to attempt to retrieve the funds. |
Restoration and remediation of Digital Assets against Cyber Extortion and Ransomware attacks It has become clear that all organizations are vulnerable to this persistent digital risk of ransomware attacks, and organization size is not a predictor of risk. Paying such an exorbitant $1.8M ransom may prove untenable for many businesses. Cyber extortion coverage can cover the costs of the ransom itself, but policyholders should evaluate the hidden costs of remediating these attacks. In addition to covering the ransom fees, cyber insurance can also cover digital asset restoration to restore critical business data that may have been encrypted, damaged, or deleted during the ransom attack. If employee or customer information was exposed as a result of the attack additional coverages may apply to the legal and reporting fees that result. | Emerging digital mitigated by Service Fraud and Computer Replacement coverage Two emerging digital risks include service fraud (cryptojacking) and bricking can be devastating for businesses not covered by a general cyber policy. Cryptojacking occurs when a cyber criminal steals an organization's computing resources to mine cryptocurrency for their benefit. A Service Fraud endorsement covers the direct financial losses a business faces when charged for fraudulent use of cloud-and internet-based services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Network as a Service (NaaS), IP Telephony and more. If devices on your network have seemingly suffered no physical damage, but malware has rendered them unusable, you've been a victim of bricking. There is no way to restore a bricked computer. Computer Replacement coverage will replace all impacted devices. |
Network & Info Security Liability & Regulatory Defense & Penalties coverage to mitigate digital vendor risk Today, businesses commonly rely on vendors to store sensitive customer and employee data in the cloud. In many cases, they also rely on these vendors to conduct critical functions, including processing the company's accounts receivable or other essential IT-related activities. Should one of these cloud vendors experience a cyber incident, it can be costly to all businesses that rely upon the vendor's platform. Specifically, companies could be exposed to privacy claims, regulatory fines, and other business interruption costs, including lost income and extra expenses to get their operation back up and running. Even if your third-party vendor has cyber insurance, your contract with them may limit their liability to you. With Network and Information Security Liability (NISL) and Regulatory Defense and Penalties coverage, businesses can transfer your third-party liability risk, mitigating their responsibility in the event of a claim related to one of their vendors. Additionally, cyber insurance policies with Business Interruption and Extra Expense coverage address first-party losses from reliance on cloud vendors. | Bodily Injury and Property coverage help when digital risks become physical As digital infrastructure becomes more advanced and integrated into your business operations, the boundary between cyber and physical security has become increasingly blurred. For example, a cyberattack on a medical organization's network could impact the health and safety of patients undergoing treatment by disrupting the connected medical devices. Likewise, a manufacturing company's operations could be shut down entirely if connected machinery is attacked and cannot be accessed, such as in a ransomware attack, or destroyed with malicious commands sent to the machinery, causing it to perform unwanted actions. Unfortunately, general liability (GL) policies typically do not cover physical or non-physical risks resulting from a cyber incident. However, suppose your cyber insurance coverage includes Bodily Injury and Property and Pollution coverage (first and third-party). In that case, your organization can remain protected from digital risks that translate to physical impacts. |
What does cyber insurance not cover?
As with most insurance policies, there are specific exclusions that a cyber insurance policy may not cover. Things that may be exclusions in your cyber insurance policy include:
Resulting loss of future revenue (that is to say, loss of revenue or income that extends beyond the indemnity period - the period in which cyber policies will provide business interruption and extra expense coverage, typically 180 days)
Cyber attacks can result in brand or reputational damage, and while cyber insurance coverage can extend to reputational harm, that doesn't extend to a company's valuation
Errors and Omissions liability - cyber policies will provide third-party protection for claims arising from a security failure, data breach and/or privacy liability. Still, they may not respond to a claim against you for a violation of your reasonable standard of care with your professional services. Specific industries can purchase Technology E&O to mitigate this risk.
Cyber insurance does not cover employment, discrimination, and directors & officers-related claims. You’ll need a separate policy for management liability insurance.