Cyber Liability Coverage
Can your agency afford to weather a data security breach?
What is cyber insurance?
Cyber insurance covers your business’ liability for a data breach that includes sensitive customer information. This could include things like Social Security numbers, credit card numbers, account numbers, driver’s license numbers, and even medical records.
Why doesn’t my general liability insurance cover cyber liability?
GLI covers bodily injuries and damage to property which is a result of your products, services, or operations. Be sure to check your policy because cyber insurance is usually not included in your general liability policy.
What does cyber insurance cover?
- Legal fees and expenses as well as:
- Restoring personal identities of affected customers
- Notifying customers about a data breach
- Repairing damaged computer systems
- Recovering compromised data
- What to look for as a cyber insurance buyer
Many well-known insurance companies offer cyber insurance policies. We work with the top carriers in the country to be sure your needs are met.
Like any business insurance, cyber insurance coverage varies by insurer and policy.
When shopping around and comparing policies among insurers, here are some things to look for and ask about:
- What are the deductibles? Be sure to compare deductibles closely among insurers, just like you do with health, vehicle, and facility policies.
- Does the insurance company offer one or more types of cyber insurance policies or is the coverage simply an extension to an existing policy? In most cases, a stand-alone policy is best and more comprehensive. Also, find out if the policy is customizable to an organization.
- How do coverage and limits apply to both first and third parties? For example, does the policy cover, third-party service providers? On that note, find out if your service providers have cyber insurance and how it affects your agreement.
- Does the policy cover any attack on which an organization falls victim or only targeted attacks against that organization in particular?
- Does the policy cover non-malicious actions taken by an employee? This is part of the E&O coverage that applies to cyber insurance as well.
- Does the policy cover social engineering as well as network attacks? Social engineering plays a role in all kinds of attacks, including phishing, spear-phishing, and advanced persistent threats (APTs).
- Because APTs take place over time, which can be months to years, does the policy include time frames within which coverage applies?