Things to consider when purchasing business Cyber Coverage

Following the new GDPR regulations coming in place, companies are scrutinised now more than ever before. The latest cases are those of Bupa – being fined £175,000 by ICO with for systemic data protection failures (employee offered personal information on the dark web) and Tesco Bank being handed a £16.4 million fine by FCA over cyber breach that happened in 2016 (for failure to exercise due skill, care, and diligence in protecting its personal current account holders against a cyber-attack).

There is no shortage of innovative techniques attackers will utilise to breach business defences, but more often than not, we identify a human element to cyber claims, hence the importance of having proper controls and robust staff training process in place to prevent the worst from happening.

As a wholesale broker, Citynet Cyber Services can map the risks your organisation is facing and ensure these are sufficiently managed through insurance.

• Growing risks of a cyberattack- Understanding the GDPR legislation and the changing DPA (Data Protection Act) is critical for all companies.
• Cyber insurance should be bought from a broker that has expertise in cyber. The broker will need to review existing policies and find any gaps where coverage doesn’t currently exist
• A blend of insurance policies such as Professional Indemnity Insurance together with Cyber Insurance can be used to achieve a suitable level of coverage
• Ensure that the cyber insurer provides comprehensive post-breach services

Based on your business size, sectors and geographic locations it operates in, your cyber protection needs may vary. There are a few further things one can look at for when deciding on a cyber-insurance policy cover, such as:

1. Network security coverage, including hardware, software, physical and staff status – cover extends employee actions, business process outsourcing (BPO) or outsourced IT provider.
2. Data breach incident response, including attack recognition, response planning, and recovery planning – cover includes damages resulting from alleged violations of privacy laws and regulations.
3. Multimedia liability – in other words, infringement of domain name, copyright, trade names, logo, and service mark on internet or intranet site.
4. Laptop insurance
5. Cyber business interruption coverage – includes lost revenue as a result of a cyber-breach.
6. Coverage for cyber extortion and terrorism – cover includes credible threat to introduce malicious code; pharm and phish customer systems; or to corrupt, damage or destroy systems.
7. Litigation and enforcement proceedings, not including governmental fines
8. Loss in association with 3rd party systems
9. Lost/stolen data and digital asset
10. Crisis management and PR – cover to restore your reputation as a result of a data breach
11. Forensics
12. Ransomware – a form of malware that locks victims out of being able to access their data until a ransom is paid

“The accelerated pace of today’s digital transformation, business interruption and data breach will continue to be significant drivers of loss at present and into the future.  Methods used by cyber criminals are becoming more sophisticated, whether it is a small business or a larger corporation, cyber liability insurance will help you keep on top of the threats as well as lessening the damage of the breach,” added Rebecca Johnston – Professional Indemnity Broker at Citynet.