In today’s digital age, security breaches are becoming more common, and it’s often a matter of when, not if, your business will be targeted. With the amount of personal data exchanged in cyberspace, companies are responsible for complying with regulations and protecting customer information. In the event of a breach, like the one experienced by LinkedIn, the business holding the data is held accountable.

What is cyber liability insurance?

Cyber liability insurance cover (CLIC) has been available on the market since about 2006. CLIC policies cover a business’ liability for a data breach in which the firm’s customers’ personal information, such as Social Security or credit card numbers, is exposed or stolen by a hacker or other criminal who has gained access to the firm’s electronic network. This insurance allows to mitigate risks related to security breaches, namely, by transferring the risk (quantified in financial value) – insuring against it. Such risks are primarily related to the mandatory data breach requirements in most countries (Canada, US, EU) – if you have been breached, you must notify your clients, and the costs of notification can be very high (including loss of revenue, lawsuits, etc.).

Such costs force many business owners to consider CLIC among the other risk management tools – flood, fire, theft insurance. Cyber insurance cover is enormously beneficial in the event of a large-scale security incident, as it provides a funding mechanism to recover from major losses, helping businesses return to normal operations.

What CLIC cover from

Presently, CLIC can include:

  • Data breach/privacy crisis management cover (expenses related to the management of an incident, the investigation, the remediation, data subject notification, call management, credit checking for data subjects, legal costs, court attendance and regulatory fines)
  • Multimedia/Media liability cover (third-party damages, like defacement of website and intellectual property rights infringement)
  • Extortion liability cover (losses due to a threat of extortion, professional fees related to dealing with the extortion)
  • Network security liability (third-party damages as a result of denial of access, costs related to data on third-party suppliers, costs related to the theft of data on third-party systems).

Apart from that, cyber liability cover can include expenses related to mitigating data breach risks, such as security audit costs (BALANCED+ has done such audits for its clients).

Who needs cyber liability insurance?

All businesses carry confidential client information, however there are different classes of such information. For example, breaches related to data such as credit card information, medical information, social insurance numbers will be of higher risk that breaches related to name and address. For example, in Ontario there exists the Personal Health Information Protection Act (PHIPA), which puts very stringent requirements on handling of individuals’ health information.

Our Thoughts:

Cyber liability insurance is an essential risk management tool for businesses in today’s digital age. BALANCED+ offers security audit services and can help determine the appropriate coverage needed for your business. Contact us to learn more and protect your business from potential cyber threats.