Cyber Insurance 

Things to look for when choosing the correct coverage:

• Network Security: Insurance against cyber-attacks and hacking attacks.

• Theft and fraud: Cover destruction or loss of the policyholder’s data as the result of a criminal or fraudulent cyber event, including theft and transfer of funds.

• Forensic investigation: Covers the legal, technical, or forensic services necessary to assess whether a cyber-attack has occurred, to assess the impact of the attack, and to stop an attack.

• Business interruption: Covers lost income and related costs where a policyholder is unable to conduct business due to a cyber-event or data loss.

• Social Engineering: is the non-technical cyber strategy that relies on tricking people into breaking standard security practices by manipulating victims into performing various actions or providing confidential information. Social engineering fraud (SEF) is a type of fraud that’s become increasingly common over the last several years, with a large majority of this fraud transpiring over email communications.

• Cyber extortion and ransomware: Provide coverage for the costs associated with the investigation of threats to commit cyber-attacks against the policyholder’s systems and for payments to extortionists who threaten to obtain and disclose sensitive information.

• Reputation Insurance: Insurance against reputation attacks and cyber defamation.

• Computer data loss and restoration: Covers physical damage to, or loss of use of, computer-related assets, including the costs of retrieving and restoring data, hardware, software, or other information destroyed or damaged as the result of a cyber-attack.

• Information Privacy: Covers organizational liabilities arising from actual or alleged non-compliance with any worldwide cyber, information privacy, or identity-related regulation, statute, or the law. For example, this coverage part would cover an organization's legal defense, and ultimate monetary settlement, resulting from a regulatory claim alleging such organization was non-compliant with any covered privacy regulation

• Bricking- Bricking refers to a consumer electronic device that has been damaged beyond repair, making it utterly unusable, often because of damaged firmware, malicious or incorrect software. once they are rendered inoperative, they are virtually useless except as a paperweight or a doorstop

• Insurance and recovery process: Coverage for business interruption loss under cyber insurance policies is becoming more prescriptive, the language in most insurance policies is still somewhat open ended and subject to competing interpretations.  

• Most business interruption coverage includes a waiting period of a certain number of hours and a requirement that net profit or loss, charges and expenses be calculated on an hourly basis. It’s important to recognize that cyber insurance policies provide for the recovery of lost net profits and mitigation costs, as well as continuing expenses, such as employee salaries.