What does cyber insurance cover for small businesses?

July 20, 2019

Primarily Cyber coverage covers a business against risks associated with damages resulting from a breach of its computer systems. Hacking attacks can result in different types of damages such as data theft or bringing down a companies website. Cyber insurance would mitigate the cost associated with the damage that these types of computer hacks can do. So what exactly does the insurance cover?

To begin with, Cyber Insurance policies will cover 1st party and 3rd party damages, so what does that mean? 1st party damages are costs incurred directly by the insured as a result of a cyber incident. If you have direct costs associated with a cyber incident, 1st party coverages within a Cyber Insurance policy are there to make you whole. 3rd party damages are damages incurred by an 3rd party such your customers. In this instance you as the insured  are the 1st party and the insurance company is the 2nd party. If your customers, a 3rd party, were financially harmed as a result of a Cyber incident your company were to suffer, your insurance would cover the associated 3rd party damages. So the next question is what are some examples of these costs the insurance would cover?

Since 3rd party damages would be what most people are familiar with I will begin there. Damages like this are the ones you most hear about because they are most commonly associated with big hacks and data breaches where highly sensitive data is compromised. This as you can imagine leads to lawsuits. Your customers, vendors, even your employees who’s data is compromised or is injured as a result of a data breach are within their right to take legal action against you. These are 3rd parties and all of them can file suit. In such an event, the insurance will cover the legal cost of your defense and as well as damages a court finds you responsible for. In this instance, a parallel would be General Liability insurance for a company if someone got injured on your premises or Errors and Omissions if a client were to suffer damages as a result of your professional negligence. Cyber Liability simply covers a different set of risks.

1st party coverages don’t get as much attention as 3rd party but are still very important to have in place. There are many direct costs a company can incur as a result of a cyber incident, some examples are as follows:

  • Public Relations Costs
  • Credit Monitoring
  • Cost to Restore/Recreate data
  • Coverage for Fines and penalties
  • Business Interruption Expenses
  • Notification Costs
  • Forensic Investigation Costs
  • Cyber Extortion

Without 1st party coverage, these costs would come out of the insureds pocket.

More posts