Cyber Insurance – 2016


2015 was a pivotal year for cyber insurance, with a number of high-profile incidents involving cyber crime and data breaches occurring around the world. This tested policy wordings and provided a perspective on how such claims will be managed by insurers.

The topic of cyber insurance is now firmly on the agendas of many businesses and rates high on risk registers. How this exposure is managed is very much down to the individual approach of a business and how they perceive a cyber threat would impact them.

The need for cyber insurance will be determined by the risk landscape which operates in a dynamic technological environment.

Some of the factors that may influence the growth of this specialist form of insurance are likely to be the following:

  • A cyber security breach is almost inevitable, and more emphasis will be placed on CEOs and CISOs to become responsible for data breaches and how they are able to mitigate such cyber risks within a business.
  • The threat of cyber attacks on critical infrastructure, whether of a political or criminal nature.
  • The “Internet of Things”: as electronic devices become interconnected, the opportunity for cyber crime and data breaches to take place increases.
  • Cyber security businesses will be in increasing demand, as insurers will depend more and more on their expertise in the assessment and management of cyber risks.
  • The increase in ransomware gangs, as they utilise more sophisticated malware which businesses may fail to recognise should they not maintain the latest cyber security methodology.
  • Cloud security is perceived as a larger-than-life threat, as many businesses now rely to a certain extent on this form of developing technology for storing data. How safe this technology is remains unclear, as it has not yet really been the subject of hackers' focus, and it presents a real threat to the safeguarding of data.
  • Certain business sectors remain high risk, such as health, finance and online retailers. These are the sectors where there is the highest take-up of cyber insurance, and it is conceivable that this will continue.
  • The growing threat of cyber terrorism will remain, with terrorist groups targeting government, military and critical infrastructures.

It will be fascinating to see how these factors influence the rise of cyber insurance. In the course of events, insurers will need to develop their products to respond to the evolving cyber risks that will unfold this year.


Cyber Liability – The Internet of Things


The “Internet of Things” is the product of the increasing connectivity of corporate computing infrastructures, industrial machinery and electronic consumer devices.

This presents new cyber threats to businesses, which will need to be managed through a combination of robust cyber security measures and cyber liability insurance.

The phrase “Internet of Things” is associated with devices that are capable of communicating via the internet through programmed commands, or by “learning” patterns of behaviour and activity so as to recognise common occurrences in our daily lives and communicating with other devices accordingly.

With more devices and people being connected to the internet in the coming years, this will produce a global impact, with the estimated market for the “Internet of Things” thought to be $66 billion between now and 2019.

From a business and consumer perspective this has many advantages, whether it be controlling an industrial process remotely or switching on your central heating whilst you are on the way home on a train. It does, however, come with very real cyber-related threats.

The main threat brought by the “Internet of Things” is the vulnerability to loss of data and the compromising of personal information, as devices will have access to such information about a business or individual. This scenario makes it a prime target for a security breach from a targeted hacker attack.

Examples of recent attacks this year:

  • A hacking attack on a German steel mill, where hackers gained control of a smelting furnace and caused it to overheat, resulting in damage to the furnace and interruption to the business.
  • Hackers took remote control of cars' steering, braking and acceleration.
  • Baby monitors being hacked, allowing third parties to control the monitors.

This year Lloyd’s of London commissioned a report in which a hypothetical attack was carried out on the electricity grid of the Eastern US. It was calculated that the loss could equate to $2 trillion, which would not all be covered by insurance.

A cyber liability insurance policy will provide coverage for both third party and first party losses. This encompasses a business's third party liability and first party exposures resulting from a data security breach, the response and associated investigation costs. It can also respond to business interruption loss and damage to a business's computer systems and its data. The policy, however, is unlikely to respond to all first party damage and claims involving bodily injury. It will therefore be necessary for other insurance policies to be reviewed by your insurance broker to ensure that any gaps in coverage are appropriately addressed.

The importance of Cyber Liability Insurance


The importance of cyber liability insurance in the future was highlighted as EU data protection rules were finally agreed between the Parliament, the Council and the Commission. This will be known as the General Data Protection Regulation (GDPR) and will apply to all current 28 EU members.

This will unify and modernise data protection laws across the EU, and it will apply to data processors as well as data controllers.

The next stage is for the Civil Liberties Committee to approve the text of the GDPR, and once this has been approved it will be put to the vote by Parliament at the beginning of 2016. The Regulation will then become directly applicable and will take effect in Member States in 2018.

Some of the main data protection requirements will be as follows:

  1. Businesses will need to appoint a data protection officer.
  2. Data breaches will need to be notified to the relevant data protection authority within 72 hours. Depending upon the breach, it may need to be notified to the affected data subjects.
  3. Businesses will need to carry out privacy impact assessments prior to carrying out any high risk data processing.
  4. Businesses will need to implement privacy by design when processing personal data.

If a business is found to be in breach of the GDPR, it may face a fine of up to 4% of its total worldwide turnover, which demonstrates the importance that the EC attach to this.

This has been a very busy two weeks for the EEC, as they also announced last week the first cyber security law, the Network and Information Security Directive. This represents a security and reporting directive for companies in critical business sectors such as transport, energy, health and finance.

Despite the GDPR not coming into force until 2018, it is important to consider now the implications of the cost of compliance for a business, such as:

  • The adequacy of IT systems
  • The current methodology of data collection and processing
  • The re-training of staff on the new data protection law and the implications of non-adherence

Cyber liability insurance will play a significant role in supporting businesses when enforcement of the law takes place.

A current cyber liability insurance policy can assist as follows:

  • Privacy liability

Damages and claims expenses associated with the unauthorized disclosure of confidential information.

  • Privacy regulatory defense and penalties

In the event of a data breach, the policy would provide coverage for claim expenses incurred as a result of a civil regulatory action, which includes civil penalties or fines to the extent that they are insurable by law.

  • Privacy breach response costs and customer notification expenses

The policy would assist with the response costs associated with the breach and the costs of notifying individuals who may have had their data compromised.

  • Customer support and credit monitoring expenses

This would involve the support of a specialist crisis management response team and the availability of credit monitoring for a period of time post breach, up to a year.

Cyber liability insurance is an evolving insurance product, with insurers constantly looking to enhance coverage in response to a business's developing technology exposures, and it is anticipated that this niche product will further develop in response to the forthcoming GDPR.