Secure Our Data
What is it?
Cyber liability insurance has been available for around 10 years; however, most security professionals seem unlikely to have heard of it or know that it exists. In the United States 46 of the 50 states have mandatory requirements for data breach notification and in the UK, the impending draft EU Data Protection Regulation includes mandatory notification of breaches and large none compliance fines therefore cyber security is an area more businesses are starting to focus on as the costs for notifying affected customers can be extremely high, losses significant, and with the addition of regulatory fines. Businesses insure for fire, floods, theft, etc. and now people are starting to see why cyber liability insurance is so important as the losses can be as high as loosing physical assets.
SecureOurData’s cyber insurance covers losses arising from damage to, or loss of information from, Information Technology (IT) systems and networks.
These threats are very real in today’s interconnected world. A UK Government survey estimated that in 2014 81% of large corporations and 60% of small businesses suffered a cyber breach.
The average cost of a cyber-security breach is £600k-£1.15m for large businesses and £65k-115k for SMEs.
What does it cover?
SecureOurData’s cyber insurance which is underwritten at Lloyd’s covers the losses from to damage to or loss of information from, IT systems and networks. Our policies can include significant assistance with managing the incident itself, which can be essential when faced with reputational damage or regulatory enforcement.
Generally cyber risks fall into first party and third party risks. Insurance products exist to cover either or both of these types of risk.
First-party insurance covers your business’s own assets. This may include:
- Loss or damage to digital assets such as data or software programmes
- Business interruption from network downtime
- Cyber extortion where third parties threaten to damage or release data if money is not paid to them
- Customer notification expenses when there is a legal or regulatory requirement to notify them of a security or privacy breach
- Regulatory and investigatory fines
- Reputational damage arising from a breach of data that results in loss of intellectual property or customers
- Theft of money, equipment or digital assets
Third-party insurance covers the assets of others, typically your customers. This may include:
- Security and privacy breaches, and the investigation, defence costs and civil damages associated with them
- Multi-media liability, to cover investigation, defence costs and civil damages arising from defamation, breach of privacy or negligence in publication in electronic or print media
- Loss of third party data, including payment of compensation to customers for denial of access, and failure of software or systems
Who needs it?
Does your business hold personal information on clients or customers, including names, addresses and bank details?
Do you have systems and data are held on physical servers or in the cloud?
Are you are reliant on a website for the running of your business?
If you can answer yes to any of the above, then cyber insurance coverage will offer you the protection you may not be aware you need.
As a business of any size it is likely you will rely on IT infrastructure to some degree. If so you will be exposed to the risks of business interruption, income loss, damage management and repair, and possibly reputational damage if IT equipment or systems fail or are interrupted.
While existing insurance policies such as commercial property, business interruption or professional indemnity insurance, may provide some elements of cover against cyber risks, businesses are increasingly buying specialised cyber insurance policies to supplement their existing insurance arrangements, particularly if they:
- hold sensitive customer details such as names and addresses or banking information
- rely heavily on IT systems and websites to conduct their business
- process payment card information as a matter of course
- are subject to a payment card industry (PCI) merchant services agreement
For further information please Contact Us.