Should we be buying Cyber Insurance?
November 27, 2019

Cyber Insurance is still a relatively new product and it seems to be evolving almost daily with more and more players entering the marketplace. That’s good isn’t it? The competition at the top has led to better wordings and more cover – however it can still be a minefield. I want to explore the reasons why these polices are being considered and the kind of situations they can protect you from…

GDPR (General Data Protection Regulation)
GDPR gave Brexit a welcome break in 2017, the new regulation threatened to disrupt the way we do business forever, the ICO gave little guidance, and we all worried that we wouldn’t be able to hand out business cards anymore. The reality being that GDPR has actually improved the quality of data we use every day, and if anything, improve the way we go about lead generation and customer privacy. Data protection was initially the driver behind Cyber Policies as a way businesses could protect themselves with the costs associated with breaches of this new legislation. The fines can be 20 Million Euros or 4% of worldwide turnover (whichever is the greater). Most Polices appear to cover these fines, however only time will tell as this could be viewed against ‘Public Interest’.

System hacking/Virus transmission
Be this your own system being penetrated or perhaps your actions passing a virus onto a customer. Both can be detrimental to a business – what happens if your company is held to ransom through a system hack? Do you have the funds to protect your balance sheet? How about your reputation and the mis-trust now felt by your customer to whom you unknowingly transferred a virus The right cyber policy will provide you with access to a cyber response team who will also help you with preventative measures as well as the protection in the event of a system hack or a virus transmission. But are consumers aware of what is and isn’t included when purchasing a cyber insurance policy?

Business Continuity
The risk and vulnerability felt by many to a targeted attack can cause sleepless nights. However, the subsequent business interruption deals with the aftermath of losing business and money even after the attack/incident has taken place. A Business Continuity policy helps to support you in these circumstances, however do they cover a Cyber incident? The criminals are getting more sophisticated and will continue to be one step ahead. Ensuring you have the right policies in place will help to elevate the potential damage to your business.

Social Engineering
The use of deception to manipulate individuals into giving up confidential or personal information that may be used for fraudulent purposes. This is where it gets tricky. A lot of Insurers will not cover this eventuality unless your system has been compromised i.e somebody has got through the firewall and starts to control the system from within. If it’s plain deception (the con) either via an email or telephone you might want to start reading the ‘small print’. If you really want protection it may be worth considering a ‘Crime’ Policy with a Cyber extension. These Policies will cover other non cyber related crimes also, so you will be protecting your business from several angles.

Telephone Hacking
In the digital age the good old telephone system can still be vulnerable to hacking. The security can be breached with potentially hundreds of unauthorised calls made to Premium rate numbers. This is frequently done over a weekend. Not the nicest way to start the week with this discovery.

Personally, I think businesses should undertake an audit of where they are in respect of the risk and then consider transferring the risk via an Insurance Policy. One of the main benefits is not just the monetary reimbursement but there will be experts who will hold your hand and allow you to get on with your core business as they manage both the tangible system recovery and your reputational risk. I started with GDPR and will end with it. If the ICO comes knocking because you have breached, showing them you bought a policy to minimise this, and that you took the risk seriously can only be a positive. All of the above risks can be covered to a lesser or greater degree depending on which insurer you choose. You need to get the right advice.

Click here to go to the Tasker Technology Page for more product information.

Read More > Read Less > < Return