How Does Cyber Insurance Work? All You Need To Know

How does cyber insurance work? Handling a data breach involves more than just fixing databases, enhancing security protocols, or replacing lost devices.

Regulations mandate companies to notify affected customers, which increases costs when personal or confidential data is compromised.

Conventional business insurance may not adequately protect against cybercrime. So, how does cyber insurance work?

Typically, cyber insurance offers a range of coverage options. To secure the most suitable coverage for your company, you and your agent must collaborate to customize the coverage according to the specific risks your business faces.

Below, we clarify typical components found in a Travelers cyber insurance policy.

How does cyber insurance work
Cyber insurance helps an organization pay for any financial losses they may incur in the event of a cyberattack or data breach: Image source (Fortinet)

Types of Coverage

What cyber insurance does: Companies must keep customer PHI and PII confidential. Exposing it may lead to liability. Coverage protects against liability and reimburses for breach expenses. These expenses could include legal counsel, digital forensics, notification, crisis communications, and credit monitoring.

Why cyber insurance is important: Numerous companies store confidential data such as PHI, PII, and corporate information. This can include records for multiple companies, increasing liability in case of a breach. For instance, an employee benefits firm may hold records for numerous client companies, amplifying potential liabilities.

Third-Party (liability) and First-Party Coverage

What it does: Companies must keep customer PHI and PII confidential to avoid liability. Coverage protects against this and reimburses expenses like legal counsel, digital forensics, notifications, crisis communications, and setting up monitoring for affected parties.

Why it’s important: Numerous companies hold sensitive data like customer information, PHI, and PII. This includes corporate data they store for themselves or others. For instance, an employee benefits firm may have records for multiple companies it serves. A single breach could lead to substantial liability.

Worldwide Coverage

What worldwide coverage does: Claims and events can occur anywhere in the world, and notification requirements differ by location. To help fulfill these requirements, policyholders can access Travelers’ network of forensics, crisis communications and legal experts to address claims made or events occurring anywhere in the world.

Why world-wide coverage is important: If a company has a data breach, it must follow the privacy laws that govern where its customers live, not just where it is headquartered. This can be costly, confusing and time-consuming for a company without specialized resources.

Other Coverages

Travelers CyberRisk insurance against cyberattacks also includes betterment coverage. This provides for costs to improve a computer system after a security breach, when improvements are recommended to eliminate vulnerabilities that could lead to further breaches.

Distinct Insuring Agreements (with the ability to set limits and retentions for each insuring agreement)

What it does: Having separate insuring agreements allows companies to be covered for different risks, at different levels. This gives companies more protection as companies can choose to set a higher limit for a specific risk, based on their business’ unique needs.

Why it’s important: There are a number of different ways that cyber crime can affect a company, from e-commerce extortion to funds transfer fraud. Having distinct insuring agreements helps protect against a diverse set of risks.

Extended Reporting Period

What it does: This gives companies more time to detect and report a data breach. It extends the reporting period, typically 90 days, and includes crisis management and security breach expense coverage.

Why it’s important: Given the nature of data breaches, a company might not realize that it suffered a breach until after the end of the cyber policy.

Read more: Does progressive have business insurance

First-Party Coverage for Computer Program and Electronic Data Restoration Expenses

What it does: This coverage reimburses companies for expenses related to recovering from damages to computer programs and electronic data.

Why it’s important: Not all cyber claims are related to an actual data breach. For example, malware downloaded from an email could lead to lost, encrypted or otherwise damaged files, requiring expenses to repair and restore.

Business Interruption Coverage

What it does: This coverage applies to expenses and lost revenue due to a computer virus or denial-of-service attack that impairs a computer system.

Why it’s important: While many companies may have business interruption coverage as part of their property coverage, cyber crimes may not be covered.

Your coverage includes:

  • Buying an identity fraud insurance policy.
  • Getting credit monitoring services.
  • Accessing computer forensics.
  • Consulting a Breach Coach for initial breach response advice.

Cyber insurance also can help protect you before a breach. Travelers customers have access to risk management services, cyber security experts and other resources to help prevent a data breach. Perhaps just as importantly, having cyber insurance can help prepare your company to respond effectively in the critical hours and days following a data breach.

Leave a Comment