It is the advent of regulations concerning consumer and corporate issues of cyber crime and breaches in data storage coupled with an expanding online world to transact business that has spurned the development of insurance for cyber liability.
Where insurance coverage is concerned there are a host of items to consider. In general you want the broadest coverage possible. This is true both in terms of perils covered and in the types of information and their handling that are covered.
Necessary Information Coverage Ensure coverage includes all electronic data as well as all physical (paper, laptop, portable disk, personal digital assistant (PDA), etc.) breaches. Over 300 laptops are lost or stolen daily in US airports. All of these media are subject to breach notification laws and therefore present an exposure. Coverage should include both personal (Identifying, medical and other personal information) and corporate information, which can also be costly for the insured. Corporate data is company data. Some policies will only cover employee data or customer information.
Causes of Loss Ensure you are covered for a comprehensive set of potential issues. Think internal problems will never happen to you? Here is a report from Virginia courts just sent to SMG from a professional contact. Some 2010 statistics from the Poneman Institute give you a better indication for the potential source of issues stemming from cyber or data issues.
Third Party Liability The focus of this coverage is to cover liability arising from violations of privacy and data breach notification laws. These policies may also include coverage for a number of other types of liability, such as liability from transmitting a computer virus to another party or from copyright infringement included in the insured’s website. Policies are typically written on a claims made basis. Here is where you need to pay attention. It is important to pay attention to the prior acts date included in the policy, keeping it as far in the past as possible. More than half of all breaches take weeks or months from the date of first compromise to discovery.
You’ll know if you are working with the right broker if he/she is advocating on your behalf with carriers when it comes to items such as those listed here. Your broker should also have a clear understanding for your business practices and how they intersect with the regulatory landscape related to cyber crime and negligence. For a more comprehensive look at cyber liability coverages refer to SMG article: Cyber Liability Part II: Insurance. Another excellent reference point is the International Risk Management Institute.
Scott Graves is passionate about helping business owners. Tune in to his show ‘The No Boundaries Radio Hour’ with co-Host Dennis Mannone on the No Boundaries Radio Network. Meet him at the crossroads between strategy and innovation at scott@smgravesassociates.com or twitter @smgcreative.