In part I of this entry, we explained the history and usefulness of an insurance policy that guarantees us protection against cyber risks. We will now look at the possible coverage that it has to offer.
Types of insurance against cyber-attacks
We will find types of completely different policiessome will only cover the Civil Liability The insured will be responsible for the insured, while others will have First Party guarantees (own damage). These are the options:
- Third Party Loss (civil liability): when a third party claims against us for damages that we may have caused. Compensation for which the insured may be liable plus defence costs are covered.
- Regulatory proceduresThe aim is to cover sanctioning procedures by the Administration, together with their possible sanctioning
- Expenditure on incident managementThis is very important, as it covers forensic expenses to determine the origin and extent of the damage, as well as legal advice, call centres and expenses associated with compensating for the reputational damage caused.
- First Party LossThis means the loss of revenue caused by such a systems failure, e.g. a business interruption.
As is to be expected, these professional cyber insurance will have a very different cost depending on the value of the assets under threat, size of the company, level of digital exposure, etc.
Where can we find the source of a claim?
The causes of cyber or computer-related disasters may not only be in a security breach. It is also very often caused by a human error. This is why so much effort is put into training people to be able to detect indicators of possible viruses that are triggered by clicking on a link or opening an email, for example.
Other causes may be: a programming error, usurpation of intellectual property of third parties, ...
The latter may have to be negotiated with the insurance company on a case-by-case basis in order to be offered such coverage.
Examples of cyber incidents:
- The American supermarket chain TargetThe company's security breach, which disseminated personal customer data (hundreds of millions of dollars in losses).
- The airline Delta, also American: failure in their systems that caused errors in flight time information, reservations and so on, also with millions of dollars in losses, hundreds of cancelled and postponed flights.
Why do SMEs apply for these cyber risk policies?
The security levels of SMEs are much lower, The cyber threats to which they are exposed are the same as for large companies.
At the same time, the frequency of these attacks is increasing with each passing day (100,000 attacks in 2016, double that of 2015). Spain is also the third most targeted country in the world, behind only the US and the UK.
Advice:
- Take out an insurance policy unlimited retroactivityWe always advise you to take out a Civil Liability policy. In this way we ensure that we cover any claims that, although not yet notified, may come to us in the future, for past events.
- Get advice from a Insurance Broker who can help you in the process of taking out a policy of these characteristics.
Our Brokerage, as specialist in company insurance, has analysed the different products of the insurance companies. We are able to advise you on the one that best suits your needs. If you need it, contact us.
