BOOKMARK, COMMENT, ORGANIZE, SEARCH

IT'S SIMPLE AND IT WORKS

Popular Categories

software (9409)
internet (9250)
business (8210)
online (6824)
health (6764)
free (5978)
home (5803)
news (5665)
tools (5066)
web (4913)
web2.0 (4201)
game (4149)
& (3840)
shopping (3790)
social (3616)
games (3516)
golf (3451)
default (3376)
blog (3205)
search (3120)
design (3102)
arizona (3094)
music (2910)
lasvegas (2880)
mortgage (2856)
myrtlebeach (2855)
golfswing (2852)
golfclubs (2851)
desktop (2843)
credit (2819)
windows (2726)
download (2700)
mp3 (2606)
file (2502)
management (2450)
screen (2440)
bookmarks (2394)
video (2374)
security (2321)
money (2251)
loans (2243)
loan (2223)
screensaver (2159)
utilities (2150)
email (2118)
education (2104)
image (1968)
debt (1942)
finance (1915)
to (1907)

Cyber Liability Insurance: Not IF Your Customers Will Need It, But WHEN

by Stephen Vallone

posted in Insurance

Syndicate This Article
In 2013 and 2014, high-profile data breaches at several major retailers and banks put millions of customer credit card numbers in criminal hands. These events put large numbers of people at risk of identity theft, and incurred millions of dollars in IT consulting, legal, and public relations costs to the companies.
But data breaches don't just happen to global corporations. Any organization that stores its data digitally is a target. According to the Chubb Institute's 2012 report, US Public Companies' Perceptions of Risk, and Their Risk Mitigation Strategies, approximately 2 in 5 companies surveyed experienced a major data breach, with an average cost of $5.5 million. And according to Verizon's 2012 Data Breach Investigations Report, a large majority of data breaches were found to take place in companies with 100 employees or fewer.
The costs of a data breach can be damaging to larger corporations-and ruinous to smaller ones. Cyber liability insurance is the only product that covers the financial fallout of these events. For insurance agents, this type of coverage represents a significant opportunity.
What Is Cyber Liability Insurance?
Cyber liability policies are specialty lines designed to provide the coverage most corporate policies don't offer when it comes to data breaches. These policies are usually tailored to the specific risks faced by individual insureds. Possible costs to be covered include:
• Emergency data breach response and crisis management.
• Legal expenses-including privacy legal consulting and defense.
• Regulatory fines and defense expenses.
• Network security and IT-related costs.
• Claims from 3rd-party vendors and suppliers.
• Class action claims by affected consumers.
• Customer notification, credit monitoring, and remediation costs.
• Website vandalization and defacement.
• Loss of business due to breach of public trust.
• Public relations expenses.
• Cyber extortion and ransom demands.
• Intellectual property infringement.
• Network downtime costs, including loss of business income due to downtime.
There is often overlap between cyber liability coverage and other corporate policies, such as crime coverage. But the damage caused by data breaches can be extremely broad, and no other type of corporate insurance covers all or even most of the cost. That's why this type of coverage is so essential to any organization with digital data and assets to protect.
Who Needs Cyber Liability Insurance?
When we think of data breaches, most of us think of high-profile events with recognizable nationwide or global brands. And while it's true that these companies are obvious targets, small and mid-sized businesses are often even more vulnerable. Hackers are aware that smaller companies often don't have the resources to fully protect their data or investigate a breach.
And while these high-profile examples are in retail and finance, neither is the most high-risk industry. According to the Identity Theft Research Center's 2014 Data Breach Reports, the sectors that experienced the highest number of data breaches in 2014 were as follows:
• Medical and healthcare: 42.5%
• Business: 33%
• Government and military: 11.7%
• Education: 7.3%
• Finance and banking: 5.5%
However, the application for cyber liability insurance is broad-and there's a case to be made for this type of insurance in almost every organization and industry, both in the United States and abroad.
The law is also catching up. Currently 47 US states, the District of Columbia, Guam, Puerto Rico, and the Virgin Islands have mandatory breach notification laws requiring companies to inform customers when their data has been compromised. In Europe, the pending EU Data Protection Regulation will impose a similar requirement. The SEC also has a guidance framework in place for public companies, strongly urging that they divulge data breaches and hacking incidents on their networks.
This means that no company based in these areas can legally or ethically keep a data breach out of the public eye, which only compounds the cost to the company's bottom line and reputation. The expenses incurred-including legal, notification, public relations, IT forensics, and loss-of-business costs due to erosion of public trust-can quickly build up.
As the cost of a breach continues to grow, it's likely that cyber liability insurance will become the norm across a variety of industries-especially the most high-risk.
Overcoming Barriers to Purchase
Despite the growing dangers and regulatory trends, most public companies still haven't purchased cyber liability insurance. Here are a few reasons why:
Lack of familiarity among insureds. This is still a new insurance product. One reason it's not a common purchase may be that decision-makers don't know it's an option. However, awareness of cyber risk is growing. According to the Chubb Institute report, 63% of decision-makers surveyed expressed concern over data breaches, and 52% are taking steps to enhance digital security. This is good news for insurance agents. It indicates a huge opportunity to speak to that concern by educating decision-makers about cyber insurance.
Cost of coverage. There's opportunity here for insurance agents to guide their customers in reducing premium costs. Companies can reduce the cost of premiums by taking pre-emptive steps to mitigate risk, such as assessing their own specific risks and implementing a targeted IT security policy.
Lack of familiarity among insurance agents. Despite the clear need for it, cyber liability insurance is a new budget item for many companies-and persuading them to spend the money can be a daunting task for insurance agents unfamiliar with the product.
This field encompasses a specialized spectrum of technical and insurance expertise. Especially for agents who are new to the field, it's crucial to find a wholesale broker who can present to the insured, provide options they can understand, consult with them to mitigate risk, and serve as a partner to new insurance agents in building credibility.
Choosing a Wholesale Insurance Broker for Cyber Liability Insurance
A wholesale insurance broker is essential in placing cyber liability risk, and can be an extremely valuable partner in presenting to insureds. But not every broker has the expertise to answer tough technical and financial questions from insureds. Here are some key deliverables to look for.
A proposal that identifies your insured's pain points. A good proposal will be able to pinpoint your insured's vulnerabilities right away, and identify appropriate coverage and limits based on evidence such as real-time data and examples of prior claims for similar businesses. It should take into account the following:
• Business plan
• E-commerce system
• Data collection practices
• Regulatory exposure
• Data security procedures
• Privacy policies
• PCI exposures
• Aggregate loss exposure
A current library of claims. The wholesale broker should maintain a current library of claims examples for every industry-including that of your insured. This gives their team the ability to analyze risk exposure prior to an incident, provide expertise in marketing that risk to carriers, and get access to policies tailored to it.
Strong relationships with underwriters. The right broker should also maintain robust working relationships with underwriters who specialize in cyber liability, and have an in-depth understanding of which markets are best suited for insureds of specific classes. A broker who does a large volume of cyber submissions often gets priority with these underwriters.
Signs point to the likelihood that this product will become an important facet of corporate coverage for organizations in almost every industry. Now is the time for insurance agents to get in ahead of the trend-so they can be ready when customers need it. In addition, cyber insurance premiums are cheaper now than they are ever going to be. Insurance agents who can get into this market now will be far ahead of their competition as prices rise.
Works Cited
The Chubb Institute: US Public Companies' Perception of Risk, and Their Risk Mitigation Strategies. (Accessed March 24, 2015).
Verizon: 2012 Data Breach Investigations Report. (Accessed March 24, 2015).
Identity Theft Resource Center: Data Breach Reports. (Accessed March 24, 2015).
National Conference of State Legislatures: Security Breach Notification Laws. (Accessed April 7, 2015).
European Commission's Directorate General for Justice and Consumers: Protection of Personal Data. (Accessed April 7, 2015).
US Securities and Exchange Commission: CF Disclosure Guidance: Topic No. 2. (Accessed April 7, 2015).
About the Author:

Newest Articles in Insurance