Cyber Security Insurance
Hiscox can help you protect your business from malware and hackers with cyber security insurance for small businesses.
What is Cyber Security Insurance?
Cyber security insurance protects businesses against computer-related crimes and losses. This can include targeted attacks, such as malware and phishing, as well as the occasional misplaced laptop containing confidential material.
If your business computer system is compromised by a targeted or an accidental attack, you may be liable for the cost to notify the affected parties and provide credit monitoring, even if the data is not exploited. You could lose money to a phishing attack or lose business due to a ransomware demand.
A cyber insurance policy is designed to cover privacy, data, and network exposures. The list of regulations and statutes continues to expand regarding the use and protection of cyber security information, as well as notification requirements in the event of a breach. As cyber exposures continue evolving, so will your need to ensure that your business is protected if a cyber attack occurs.
Hiscox Cyber Security Insurance covers:
- Lost business revenue and data recovery costs due to a breach or extortion threat
- Money lost due to a fraudulent instruction by a third party (known as phishing)
- Defense against privacy lawsuits and regulatory fines
- Breach response resources if an attack occurs.
- And more.
Why do I need Cyber Security Insurance?
Today’s business technology opens up a world of possibilities but also raises some cyber protection concerns. Threats of data breaches and computer hacks are real for all businesses, yet according to the 2019 Hiscox Cyber Readiness Report™, seven in ten businesses aren’t prepared for a cyber attack. While big firms incur the highest costs in the aggregate, the financial impact of cyber attacks is disproportionately greater for small businesses.
With hackers becoming bolder and cyber attacks getting bigger and more frequent every year, business owners must take control of their computer security and protect themselves. Cyber insurance provides small businesses the coverage they need to protect one of their most valuable assets – data.
You need cyber insurance if your business:
- Accepts credit cards or other digital payment types
- Uses computers and mobile devices
- Keeps medical or financial data
- Stores confidential customer information
What does Cyber Security Insurance cover?
- Breach costs: Covers costs associated with responding to a breach, such as forensic costs to confirm and identify the breach, costs to notify affected individuals, credit protection services, including costs to staff a call center for redemption of monitoring offers, and crisis management and public relations costs.
- Cyber Extortion: Covers response costs and financial payments associated with network-based ransom demands. With the proliferation of ransomware and anonymous currencies such as Bitcoin, network extortion demands are on the rise. In the digital world, intangible assets are ‘kidnapped’ and used to extort individuals through threats to shut down a system or divulge sensitive or proprietary information if a ransom is not paid
- Cyber Crime: Covers financial losses associated with social engineering, reverse social engineering, and funds transfer fraud. Social engineering is when someone uses electronic means to impersonate your client, vendor, or employee to deceive your company into transferring or delivering financial assets. Reverse social engineering is when a cybercriminal uses your computer system to deceive your client or vendor into transferring money intended for you to another person or entity.
- Business Interruption: Covers lost business income when a company has its network-dependent revenue interrupted. Technology growth has created new business income perils, such as viruses, tech failures, programming errors, and computer hacking, so cyber coverage is needed to pay for interruptions from these events as well.
- Data recovery: Covers costs to replace, restore, or repair damaged or destroyed data and software. In a digital world, property is no longer exclusively tangible, so cyber coverage is needed to pay for intangible data recovery costs.Privacy Protection: Covers costs to defend and resolve claims with regard to the handling of personally identifiable or confidential corporate information. Covers negligence, violation of privacy or consumer protection law, breach of contract and regulatory investigations. Covers issues resulting from the failure of network security, including the negligent transmission of a virus.
Digital media upgrade
- Digital media: Covers costs to defend and resolve claims related to online content, such as copyright or trademark infringement, invasion of privacy, defamation, unintentional infliction of emotional distress, unfair practices and negligence in connection with your media activities. This is insurance for claims made against you that arise from the content of your website, social media and other promotional material.
What is not covered
- Criminal Proceedings: We won’t cover claims brought in the form of a criminal proceeding, such as a criminal investigation, grand jury proceeding, or criminal action.
- Funds Transfer: Other than transfers associated with cyber crime coverage, we won’t cover claims for loss, theft, or transfer of funds, monies, or securities.
- Infrastructure Interruption: We won’t cover claims from failure or interruption of water, gas, or electric utility providers.
- Intentional Acts: We won’t cover any fraud, dishonesty, criminal conduct, or knowingly wrongful act of the business or its employees.
- Prior Acts or Knowledge: We won’t cover any claims you had knowledge of prior to the policy period.
- Subsidiary Outside Control of Named Insured: We won’t cover any incident experienced by a subsidiary you do not have majority ownership or management control of.
- Business Interruption from Systems Under the Control of Third Parties: We won’t cover business interruption costs from a system failure of a computer system owned by any person or entity that is not an insured (except for those interruptions covered by dependent system failure).
Sample claims scenarios:
Cyber insurance offers broad coverage designed to protect businesses like yours. Here are some examples of what could go wrong and how it could be covered:
- Phishing email leads to ransomware: An employee at a retail store’s headquarters clicked on a link in a phishing email that appeared to come from a vendor partner. A cybercriminal gained access to the retailer’s entire server, impacting its point of sale registers. The ransomware attack held the systems hostage, effectively stopping sales from being transacted, until ransom was paid.
- Media firm experiences breach of client information: The computer system of a media firm contains large amounts of data on its clients’ analytics, including search engine optimization keywords, pay-per-click campaigns, customer databases, etc. The system’s security services upgrade lapsed, leaving it more vulnerable to a data breach. The system is hacked and the media firm is obligated to indemnify its clients for breach costs to notify impacted customers and lawsuits alleging negligence.