Cyber Coverage

In today’s world, millions of businesses transmit and store personal identifying information in their computer databases each and every day.  Whether your insured is a small retail store, a financial services organization or a doctor’s office, to name a few, all business are obligated to use all available means to safeguard the personal identifying information or their clients.   In the event of a data breach, the affected company must notify all individuals whose personal identifying information and financial information (such as credit card numbers) has been stolen.  The company victimized by the breach must undertake a very costly forensic investigation to determine exactly what was stolen.

 

Cyber policies provide first and third party coverage for breaches caused by the following non-exhaustive list:

  • E-mail breaches caused by phishing and social engineering (fraudulent transfer instructions)
  • Unauthorized system access
  • Unauthorized disclosure of information arising out a breach
  • Accidental disclosure of information
  • Deliberate disclosure of information by a rogue employee
  • Ransomware demands (hacker locks you out of your network which, if the insured hasn’t backed up its data, can only be unlocked by paying for an decryption key which only the hacker possesses)
  • Transmission of malware such as a bug, worm, virus, rootkit, RAM Scraper or Trojan Horse
  • Distributed Denial of Service attacks sent from the insured’s system to a third party

 

Cyber policies indemnify the insured for:

  • Acts, errors or omissions in connection with failure to safeguard PII, PHI or PCI
  • Costs to restore network to pre-loss condition, including identifying and remedying defects that led to breach
  • Costs to notify affected individuals
  • Payment of PCI fines and costs
  • Payment of Ransomware demands
  • Business Interruption loss for net income insured would have earned had network not been taken out of service due to a breach
  • Protection of data assets
  • Telephone toll fraud

 

Cyber policies provide third-party coverage to the insured for:

  • Legal Defense of regulatory actions arising out of a breach, including payments of fines and penalties resulting from regulatory investigation
  • Legal defense and settlement costs for lawsuits filed against the insured by customers and financial institutions
  • Negligent transmission of a malware from the insured’s network to a third party or Distributed Denial of Service attack
  • Defense of personal injury related offenses arising out of content published on an insured’s web site, such as defamation, infringement of intellectual property rights (Trademark, copyright, trade dress, etc.), stealing another’s ideas and passing off as your own

 

Cyber insurance policies provide an extensive claims portfolio that includes the following products and services:

  • A 24 hour breach response hotline which the insured should call immediately upon learning of a breach or in the event of a suspected breach;
  • Expert computer forensics who will determine where the network infrastructure was breached and how to remedy the defects;
  • Legal counsel to handle the regulatory notice requirements to affected individuals, and to represent the insured should a state commence a regulatory investigation
  • Breach resolution and mitigation services including free credit monitoring, credit repair and restoration costs, identity theft monitoring expenses, identity theft education and assistance for affected individuals
  • Public relations and crisis management expenses when an insured’s reputation/brand is adversely affected by the security breach
  • Preventive loss control and risk management services that provide an assessment of an insured’s network security and IT infrastructure and to offer guidance on how to bolster the network before it is breached
  • Assistance in developing an Incident Response Plan for network security breach situations

 

Your clients can complete this QSR Cyber Application for a prompt, non-binding indication.

An even shorter application can be found here: Cyber Application

[Note: This application must be submitted to the carrier and cannot be used for an online indication.]