Cyber Liability
Cyber Liability Insurance
All organisations have a duty of care to protect the data they hold from being stolen or lost and Cyber Liability Insurance can help you in the event you are unfortunate enough to suffer a cyber-attack, or data loss.
In today’s digital world cyber security should be a concern for all organisations as IT failures and loss of data have been prominent in the news. It’s not just IT systems that can cause the loss of data, with 43% of data loss incidents being caused by human error.
Currently it is not mandatory within the UK to notify The Information Commissioners Office (ICO), but following a review of the EU Data Protection Directive 95/46/EC a new directive, the General Data Protection Regulation (GDPR), will change this and could come in to force during 2016.
Threats associated with cyber-attacks and data loss are:
- Loss of hardware
- System interruption by malware (Viruses, Trojans etc)
- Phishing
- Network failure
- Cyber extortion
- Rogue employees
- Negligent employees
Cyber liability insurance
Bespoke cyber insurance and risk management programmes for businesses large and small
Our services for clients requiring cyber liability insurance cover
BJP Insurance Brokers can provide you with an insurance policy which covers the liability of companies arising from a breach of data protection laws and the management of corporate or personal data.
If you would like to obtain a quote for cyber liability insurance, or discuss this further, please contact Dean Spurdens on 0345 365 2121, or e-mail deanspurdens@bjpinsure.com
Cyber crime is on the rise
It is estimated that the annual cost to the global economy from Cyber Crime will be $445billion (*information CSIS/McAfee), with the cost of Cyber Crime in the UK being in the region of £27billion (*information from QBE sentiment survey June 2014)
In 2014 there were 1,023,108,267 records breached, or 2,803, 036 every day. (*information taken from the 2014 Breach Level Index)
Data privacy breaches are costing small organisations, with 50 or fewer employees, between £75,000 to £311,000 and for larger organisations, with 250 or more employees, between £600,000 and £1.5million per breach.(*Information from Security Breaches Survey commissioned by HM Government and conducted by PwC)
Talk to the BJP team today
For independent advice and fast quotes for your cyber liability insurance
Cyber Attacks – What are the risks that a cyber liability insurance policy might protect my business from?
Not only will a cyber attack create an immediate inconvenience for you as a business, but the implications could be far more severe than you thought and the costs associated to this can include:
- Cost of notifying personal or corporate clients
- Cost of employing specialist forensic IT experts
- Cost of ID and credit monitoring
- Investigation fees
- Penalties and fines
- Third party liabilities
- Damage to your business brand and reputation
- Business Interruption costs
BJP can offer you a specialist cyber liability insurance policy through market leading insurers which can provide you with:
- Direct access to experts who can help you manage and investigate an attack
- The insurance policy will provide expert legal response and PR consultancy to contain reputational damage.
- Pro-active Forensic Services
- The policy will provide expert forensic services to identify what has been affected, how it can be contained, repaired, or restored.
- Notification to affected individuals or corporate clients
- All reasonable and necessary fees, costs and expenses incurred by the insured, including costs associated with setting up a call centre in relation to investigation, collation of information, preparation and notification to data subjects and/or relevant regulators.
- Credit and ID Monitoring costs
- Following notification to data subjects, insurers will pay all reasonable and necessary fees, costs and expenses incurred for credit or identity theft monitoring services to identify possible misuse of personal information as a result of an actual, or suspected breach of personal information. If necessary this will also extend to cover the premium for ID Theft Insurance.
Examples of claims that a cyber liability insurance policy may protect your business from
Phishing Claim
After failing to identify a phishing e-mail a company re-directed a payment they thought had been sent by one of their suppliers into a fraudulent bank account. Because the payment had been made voluntarily the bank refused to refund the loss of money totalling £240,000 to the company. Although the loss of the money would not be covered by a cyber policy, but a commercial crime policy, any forensic investigation costs to see how the client suffered a cyber breach would have been covered by a cyber liability insurance policy.
Loss of Confidential Data Claim
A company had their systems hacked which resulted in 5,000 customer credit card details being stolen and used by fraudsters. The Cyber Liability policy would pay the costs of the forensic investigation, notifications costs to the card holders, credit and ID monitoring costs, PR costs to minimise any reputational damage, pay damages and defence costs arising from a claim in respect of the loss of personal information and the cost of the fees for professional preparation for any investigation, insurable fines and penalties by a data protection regulator.
Media Liability Claim
A company’s systems were breached which resulted in slanderous statements being made against a competitor. The Cyber liability policy would respond to pay compensation to the effected third party as well as the forensic investigation costs and PR costs to minimise any reputational damage.
Denial of Service Attack – Resource Consumption
An attacker ties up all of a target servers available connections by simultaneously requesting numerous bogus connections. When the server responds to each request, the attacker withholds the final information needed to complete each connection. The server waits, the bogus connections stay open and the legitimate users are shut out which means the target is unable to trade. A Cyber Liability policy which has Business / Network Interruption cover will pay for the loss of net profit and expenses incurred for the restoration of the system from the resultant DOS (Denial of Service) attack and the Forensic Investigation Costs.
Employee Loses Laptop
An employee of a financial institution left their laptop, which contained the names, addresses, sort codes and account numbers of clients, on a train and was unable to trace it to have it returned to the company. The Cyber Liability policy would pay for the notification costs to inform the clients that their details have been lost, credit and ID monitoring costs, PR costs to minimise any reputational damage which the Financial Institution may face, pay damages and defence costs arising from a claim in respect of the loss of personal information and the cost of the fees for professional preparation for any investigation, insurable fines and penalties by a data protection regulator.
Extortion and Ransom Demands
A company received an e-mail to say that their system had been hacked and unless they paid £30,000 ransom their company personal information would be released onto the web. The Cyber Liability policy would pay the necessary fees, costs and expenses to conduct an investigation to determine the cause and to end an extortion threat.
Rogue Employee
An employee of a recruitment agency steals the personal information of thousands of temporary workers. The Cyber Liability policy would pay the costs of the forensic investigation, notifications costs to the card holders, credit and ID monitoring costs, PR costs to minimise any reputational damage, pay damages and defence costs arising from a claim in respect of the loss of personal information and the cost of the fees for professional preparation for any investigation, insurable fines and penalties by a data protection regulator
Repair of your companies or individual reputation
Expert legal response and PR consultancy to contain reputational damage.
Fines and Investigations
The policy will pay for the professional preparation for any investigation, insurable fines and penalties by a data protection regulator.
Personal and Corporate Liability
The policy will pay on behalf of the insured all damages and defence costs arising from a claim in respect of an actual, or alleged, breach of personal or corporate information.
Security Failure
The policy will pay on behalf of the insured all damages and defence costs arising from a claim by a third party in respect of an actual, or alleged, security failure.
Failure to notify
The policy will pay on behalf of the insured all damages and defence costs in respect of a failure to notify a data subject and/or any regulator following an actual, or alleged, breach of information.