Cyber Liability: What You Don’t Know Can Hurt You

Cyber Liability: What You Don’t Know Can Hurt You

Cyber liability consists of a business’s liability exposures arising out of the internet and computer network technology, including such events as hacking, virus transmission, privacy breaches, and intellectual property breaches.

The problem for all of us is that there is no fail-safe technology that is immune to hacking. Even if there were, internet security is constantly and quickly evolving as hackers and security experts continuously aim to outwit each other.

Headlines frequently expose the harsh reality of data breaches. Nearly half of all incidents are attributed to lost or stolen equipment. The second largest threat comes from employees, temporary employees and contractors (remember the Target data breach of 2013?). When a breach does occur, 74% of businesses lose customers; 59% face litigation; and 33% incur fines.  The average cost per lost record is just under $150.

Data breaches aren’t exclusive to large corporations. Over 72% of all data breaches occurred in small to medium size businesses. A recent Symantec survey indicates that 40% of all targeted cyber attacks are aimed at companies with under 500 employees.

While business owners may be aware of their potential for a data breach, many believe they are adequately protected and that it won’t happen to them. Even if they were compromised, isn’t a privacy breach covered under normal business insurance? Doesn’t my general liability policy cover me?

In a word, no. The property insurance form protects IT equipment, but not the stored data or the privacy requirements associated with those records. Some insurance carriers may provide some “token” cyber liability coverage but relying on this for a serious data breach is not enough.

Business Interruption coverage will typically not respond to outages caused by computer viruses or hackers. The state of Florida requires notification in the event of a potential loss of personally identifiable information, as well as fines and penalties for not reporting the breach. One thing is for sure: no general liability policy will provide proper reimbursement for the substantial cost to comply with regulatory requirements and subsequent out-of-pocket legal expenses.

Cyber Risk Management

Many data breaches occur because of an employee error or an “inside job” from rogue employees. From passwords tacked on computer screens in plain sight and employees opening suspicious emails and downloading malware to lost laptops and smartphones, a large portion of security breaches occurs because of employee actions. Also, keep in mind that a data breach can occur from paper records as well. Outdated customer information, old credit card receipts, and employee files that were thrown into the dumpster are just as vulnerable as if a hacker logged into your network.

Best practices to mitigate your cyber risk exposure include:

  • Strong Passwords
  • Encryption
  • Control Access to Data
  • Monitor Activity
  • Employee Training
  • Cyber Protocol (Written Policies and Procedures)
  • Risk Transfer – (buy Insurance)

Risk Transfer – What is Cyber Liability Insurance?

The biggest challenge in finding the right cyber liability coverage is the fact that every form is different, making comparison difficult and confusing. Policy premiums also vary dramatically.  The most important way to reduce premiums is to reinforce your security practices before seeking coverage.

Typical coverage parts found in a cyber liability insurance policy include:

Third-Party Coverages

  • Privacy Liability (third-party lawsuits for breaches of private information)
  • Network Security Liability (third-party lawsuits for non-privacy breaches such as viruses, worms, etc.)
  • Media Liability (intellectual property claims such as copyright, trademark, etc.)
  • Virus / Hacking Liability
  • IP Infringement
  • Defamation

First-Party Coverages

  • Information Asset Loss (costs to restore any corrupted or lost data caused by a security breach)
  • System Damage
  • Business Interruption
  • Cyber Extortion
  • Notification Costs (costs to notify an individual that their private info has been breached)
  • Merchant Services (PCI Fines & Penalties)
  • Regulatory Fines & Penalties (costs to defend a regulatory action and/or pay any fines and penalties levied by the government)
  • Cybercrime/fraud, Ransomware
  • Reputational Damage Coverage (the cost to replace income through loss of reputation/customer base)

Cyber liability can have devastating effects on a business. Don’t assume cyber attacks won’t happen to you. Raise your awareness. Take action. What you don’t know can hurt you.

No Comments yet!

Table of Contents

Recents Post
Hotel and Logging SOTM webpage
2024 Hotel and Lodging State of the Market Report
April Pulse webpage
April 2024 The Pulse Newsletter
March Pulse webpage
March 2024 Pulse Newsletter

This document is intended for general information purposes only and should not be construed as advice or opinions on any specific facts or circumstances. The content of this document is made available on an “as is” basis, without warranty of any kind. Baldwin Risk Partners, LLC (“BRP”), its affiliates, and subsidiaries do not guarantee that this information is, or can be relied on for, compliance with any law or regulation, assurance against preventable losses, or freedom from legal liability. This publication is not intended to be legal, underwriting, or any other type of professional advice. BRP does not guarantee any particular outcome and makes no commitment to update any information herein or remove any items that are no longer accurate or complete. Furthermore, BRP does not assume any liability to any person or organization for loss or damage caused by or resulting from any reliance placed on that content. Persons requiring advice should always consult an independent adviser.

Baldwin Risk Partners, LLC offers insurance services through one or more of its insurance licensed entities. Each of the entities may be known by one or more of the logos displayed; all insurance commerce is only conducted through BRP insurance licensed entities. This material is not an offer to sell insurance.

Get in contact with an advisor today to see how BKS can support you.