Every business today, regardless of size or industry, confronts cyber risks. To make sure your clients understand how to leverage cyber liability insurance, we put together a checklist of items for you to understand. These coverages are often varied and can be sticking points when filing claims.

What Does The Policy Cover?

Coverage varies a great deal from policy to policy. Your client may think everything is covered, but likely something very important is not. Here is a list of coverages you will want to know about and make sure your client understands before signing up for a new policy.

Today, I want to walk through some of the policy coverages. As you work through the renewal process on a policy or help your client purchase a new policy, you will want to start getting them to think about their risks.

Insurance basically transfers some of the risk they are currently stomaching onto the insurance provider. It is not a guarantee that everything will be okay and certainly is no replacement for your advanced security stack solutions.

As you talk about what is and is not covered by their policy and help them understand that insurance does not completely eradicate risks from a ransomware attack or breach, you will need to communicate what they are willing to tolerate.

You might first help them understand some of the more tangible risks to their business by conducting a tabletop exercise. Or you might want to demonstrate what exactly a hacker can get into by the simple click of a link (one easy way to do this is to test their current cyber stack).

But as you start them on their security journey and help them understand where their risks lie, you will most certainly want to help them through the minefield of insurance policy coverages. What’s covered. What’s not. And what coverages are appropriate. Here is a list of some of the most common coverages in cyber liability insurance today.

  • Network security coverage—This type of coverage is important for pretty much all cyber policies. It can encompass breaches, malware, ransomware or data leakages to provide legal protection, forensic work, a recovery strategy and client notifications/identity monitoring support after an event.
  • Ransomware—Most policies do cover ransomware, but many do not cover all ransomware attacks and some don’t cover ransomware at all. Make sure you know how your policy will respond to ransomware claims.
  • Nation States—Be especially careful to identify whether the policy covers nation-state attacks and be able to communicate to your clients why this is important. Many policies have been excluding nation states in their cyber policy coverage.
  • System Downtime—Some policies cover the net income lost during system disruptions—known as business interruption coverage or business income coverage. This will pay for the period of time until your systems are restored. Many policies do not cover any downtime.
  • Wire transfers or social engineering—Often optional coverage. Don’t assume your policy will automatically cover instances of social engineering attacks or wire transfers. Since this is a very common attack, consult with your client on how to deal with this risk—whether through insurance coverage or other controls within their organization.
  • Privacy coverage—This coverage may be important if your client handles a lot of employee or customer data. Think businesses handling personally identifiable information (PII) or personal health information (PHI). It covers liabilities associated with privacy or security breaches and helps cover legal fees, fines and penalties arising from a breach.
  • Forensic coverage—This coverage pays for a third-party team completing comprehensive discovery of what happened during the incident.
  • Legal coverage—Legal coverage will provide your client with legal counsel if a data breach leads to a lawsuit. If legal coverages are not explicitly mentioned in the policy, your client may be footing the bill for all legal fees.
  • Credit Monitoring and IT repair coverage—Credit monitoring and IT repair costs should be covered by most broad-spectrum policies.
  • Third-party software vendors—If you rely on software vendors to run your business, many insurance companies will offer coverage that pays for net lost income while that system gets restored. This is commonly referred to as dependent business interruption coverage.
  • Data Breaches—A good policy covers liability from data breaches that are not just related to a cyberattack. Understand how your policy defines a data breach. It may narrowly cover digital breaches, but more often covers all types of data (digital, sensitive information, physical) leaking from an organization.

Remember, helping your clients through insurance renewals is a good way to establish value and trust with them. But insurance is not a golden ticket or a get-out-of-jail-free card if something were to happen. Unless you are testing your cyber stack and communicating the benefits of that stack to decision-makers at client sites, your insurance might not cover everything or anything at the end of the day.