Companies in the financial industry are increasingly vulnerable to the menace of cybercrime. Cyber criminals are smart, and even businesses that take preventive measures can still find themselves vulnerable to a determined hacker. Learn all you need to know about protecting your company and clients with these frequently asked questions.
What is Cyber Liability Insurance?
Cyber Liability insurance is designed to mitigate loss from a variety of cyber incidents, such as:
- Malicious destruction of data
- Denial of service attack
- Virus, malware, spyware, etc.
- Accidental damage of data
- Human error
- Electrical power surges/natural disasters
- IT system failure
- Cyber extortion threats
- Breach of privacy
- Misuse of personal data
- Defamation or slander
- Transmission of malicious content
For a complete list of coverage, please contact us at 866.386.2544.
How do data breaches happen?
Data security breaches can occur in many ways, including:
- Employee theft
- Theft or loss of equipment (such as laptops and hard drives)
- Unintentional exposure of data on the internet
- Improper disposal of data and more
Who Should Have Cyber Liability Coverage?
Every company that handles any personally identifiable information or provides any type if IT-related work should have Cyber Liability Insurance.
Can I protect my business without purchasing Cyber Liability Insurance?
There are many ways to mitigate the risk of cyber threats, including staff education, encryption, bring-your-own-device policies and password policies. However, even the most prepared businesses can be exposed to a cyber-attack. Cyber Liability Insurance covers associated costs of an attack, including privacy breach notifications, loss of income, recovery of network infrastructure, potential litigation and regulatory fines/penalties.
Doesn’t my Professional Liability policy include cyber coverage?
Many companies believe that cyber liability risks are already covered by Professional Liability Insurance. While your policy may provide some coverage for cyber liability risks, there are often huge gaps or grey areas. For example, most Professional Liability policies will cover the computers themselves, but not any data stored within them. If your business does fall victim to a cyber-attack, your Professional Liability policy will not cover the legal costs and interruption of business expenses.
Our IT Department uses the state of the art protection. Why do we need still need cyber liability?
Having the latest technology, firewalls and encryption will reduce the risks of a breach occurring from the outside. However, a large number of cyber threats come from human error. Whether a laptop is lost or a client file is thrown away without going through the shredder, employees can contribute to cyber-attacks unknowingly. Having proper cyber liability insurance coverage in place is just one more check mark on your list to give peace of mind.
What if we store client data in the cloud?
When client information is stored in the cloud, it is technically stored off site. The information can even be stored in another country, where it may be subject to international search and seizure laws. When storing client information in the cloud, always ask the following questions:
- Will the information in the cloud be encrypted?
- Have the clients provided their written consent to place information in the cloud?
- Does the cloud provider employ adequate security to protect the data?
- Will data be stored internationally? If so, will it be subject to search and seizure?
Only use a cloud provider that can provide reasonable assurance that your data will be protected. However, there are still chances your business is liable for certain incidents. It all depends on the contractual agreement wording between you, your clients and the vendors. To learn if your business is liable, contact us at firstname.lastname@example.org.
How much do I need to pay to cover my business?
The cost of cyber insurance varies greatly depending on the type of business you have and depth of coverage you require. Though it can seem costly, it is miniscule compared to the out of pocket costs your business could incur in the event of an attack. Various studies have averaged the cost per record breached as $190-$200, which can add up to thousands or millions of dollars very quickly.
If a breach occurs, do I have to report it?
There is no federal law yet in existence that mandates all breaches to be reported or fines be enacted if they’re not reported. However, 47 of 50 states require breaches to be reported.
If you are a national firm servicing multiple states, a single breach could cost an enormous amount just in legal fees to translate each state law and report individually to each state. Having the proper coverage in place helps you cover those legal fees.