Cyber liability insurance won’t prevent a hack, but it will help you recover from one. There are two main types:
- First-party coverage, which responds to a loss resulting from a cyberattack on your business network
- Third-party coverage, which responds to cyberattacks on others’ systems or networks
Here’s a breakdown of coverage in a cyber liability policy.
| Client notification | States have data breach notification laws that require companies to tell clients about a breach. |
| Free credit monitoring | Services can cost $10 to $30 per month per individual. Most states require businesses to provide it for a year. |
| State and federal penalties | You might be fined if you are found liable for a breach. |
| Legal defense costs | You’ll need to mount a defense if a client sues you for exposing their data. |
| Cost to repair damages | You’ll need tech expertise to rebuild your computer systems and networks. |
| Loss of transferred funds | You’ll want reimbursement for any money lost to a transfer of funds scheme. |
| Ransom negotiations | An expert can help by removing emotions from the process and negotiating a payment reduction. |
| Ransom payments | Some policies reimburse ransom payments, but the conversation around ransom payments is changing. Make sure you understand the exclusions. |
| Business interruption | A cyberattack can put a halt to your business operations. You’ll need time for digital restoration, and business income replacement provides a lifeline. |
| Digital forensics | A digital forensics investigator identifies how a data breach occurred. They help establish liability, and findings often provide a blueprint for preventing future hacks. |
| Public relations | A public relations specialist can help rebuild your business reputation after a nasty hack. |
| Data breach due to stolen property | Cyber liability won’t cover the cost to replace a laptop or other device (that’s property insurance), but it will respond to the data exposed due to the theft. |
| Technology errors and omissions (Tech E&O) | A company can sue its consultants, freelancers or service providers for causing a data vulnerability. If you access companies’ networks as part of your job, Tech E&O can protect you against cyber liability. |
You can’t outsource your liability
Even if you use cloud-based software hosted by another company, it doesn’t relieve your liability. You could be named in a lawsuit or required to provide free credit monitoring services to your customers. Depending on the severity of the breach, a vendor’s insurance limits might not be enough to cover their clients.
Takeaways
- Implement cybersecurity measures (train employees, use multifactor authentication, update your software and require strong passwords).
- Evaluate your vendors’ and partners’ cyber liability insurance and protection protocols.
- Create a cybersecurity and data breach response plan, including insurance.