Cyber liability insurance covers financial losses that result from data breaches and other cyber events.
Policies vary widely because most insurers that offer cyber coverage use forms they’ve developed themselves. Many policies include both first-party and third-party coverages. First-party coverages pay out-of-pocket expenses that a firm directly incurs as a result of a breach. Third-party coverages apply to damages or settlements a business is obligated to pay as a result of claims or suits for injuries that result from the company’s actions or failure to act. For instance, a client sues his therapist for negligence after a hacker breaches the therapist’s computer system, steals the client’s treatment records, and releases them online. Many cyber policies provide a range of coverages, some of which are automatically included and others that are optional. A separate limit may apply to each coverage. Some coverages may apply only after the insured business has paid a deductible or a retention.
- Data restoration:
Covers the cost to replace or restore electronic data, programs, or software damaged or destroyed by a hacker attack, a virus, denial of service (DoS) attack, or other covered peril.
- Loss of income and extra expenses: Covers income losses sustained by a business and extra expenses it incurs to restore its operations following a shutdown caused by a computer virus, hacker attack, or other covered peril. Some policies cover income a business loses because a supplier, distributor, or other company that it depends on has been forced to shut down due to a data breach.
- Cyber extortion:
Covers a ransom paid to a hacker who’s breached a company’s computer system and threatened to commit a nefarious act like damaging data, introducing a virus, initiating a DoS attack, or releasing confidential data unless the ransom is paid. Policies generally cover any extortion payment made with the insurer’s consent plus related expenses, such as the cost of hiring an expert to negotiate with the extortionist.
- Notification costs:
Covers the cost of notifying parties whose data has been affected by a data breach. This coverage is important because most states have laws requiring businesses to inform individuals when their personal information has been compromised. Policies may also cover the cost of providing credit monitoring services and establishing a call center.
- Crisis management:
Most cyber policies afford some coverage for crisis management expenses. Depending on the policy, coverage may include the cost of hiring an attorney, forensic accountant, computer expert, or public relations expert to assess the scope of the damage, determine whose data was compromised, help mitigate the loss, and protect the company’s reputation.
Need an insurance quote? Get in touch!
Access quotes from New York's most trusted insurance carriers. It’s comparison shopping at the click of a mouse.