Do you insure your Cyber Liability and Cyber Crime risks?

By John Isles, managing director, Rowlands & Hames

With cyber security and impending GDPR regulations making regular headlines, it’s surprising how few firms hold Cyber & Data Liability Insurance or Cyber Crime Insurance.

It’s worrying many directors don’t even know such cover is available.

Many wrongfully assume there’s automatic cover within their existing insurance programme, but this is rarely the case and insurance brokers should be pointing this out.

Cyber Liability coverage typically incorporates: Privacy Protection & Cyber Breach Costs (breach of confidentiality; security failure; failure to notify the regulator; legally insurable fines; PCI charges; and Regulatory defence costs and awards; notification costs and credit monitoring services) Cyber Business/Network Interruption (loss of revenue or gross profit following attacks or security failures) Hacker Damage and Data restoration Cyber Extortion (such as ransomware) Social Media Liability (including intellectual property rights breach and defamation) Immediate Response, Crisis Containment & Public Relations and Reputational Protection costs Always ensure cover extends to cloud-based services if any data is stored or processed in external data centres. Premiums generally start from a few hundred pounds, £500 to £1,000 should purchase £250,000 limit of indemnity for many firms. Higher limits of indemnity must be considered depending upon turnover, number of client records and the type of data stored and processed.

Cyber Crime can now often be included within some Cyber Liability policies, although it’s more commonly included within a true ‘crime’ policy which otherwise caters for internal and external fraud. Losses can be huge and whilst risk management prevention is key, if the worst does happen, almost every business should be availing itself of Cyber Liability and Cyber Crime insurances.