Cyber Risk Insurance (also called Privacy, Network Security or Data Breach insurance) is getting significant consideration by most small and medium sized organizations, but many organizations do not know how to evaluate it. We have provided information on Cyber Risk insurance in prior posts (see here, here & here). In addition, here are a few of our tips for helping your customers consider and buy Cyber Risk insurance.
- Identify cyber exposures, particularly unique exposures. Virtually all organizations have some type of cyber exposure, but the exposures can differ greatly. What are the key exposures, and does the client have any unique characteristics that create exposures?
- Be clear what the coverage objectives are. Cyber Risk policies are not the same, and matching coverage with need is critically important.
- Provide good information. Underwriters still have a difficult time underwriting and rating accounts due to a lack of detailed, credible loss statistics. Giving accurate and clear information is helpful in obtaining competitive proposals.
- Get proposals from multiple insurers. Because forms, underwriting and rating approaches are different, costs and terms can vary significant and are not always consistent. And beware of endorsements on GL policies – the coverage is often narrow.
- Use a Cyber Risk expert (shameless plug: like us!).
- Buy the product that you need. It is critically important to obtain the terms that match the specific needs of the organization, including customized terms. And review policy exclusions that might have an impact. The least expensive is not usually the best buy.
- Buy the limit you need. Estimate the exposure and make sure there is enough limit to cover it, particularly for data breach notification costs. Some policies have sub-limits, others have varied definitions, and realistic costs are difficult to project.
One of the challenges in buying Cyber Risk insurance is the amount of inaccurate information. Cyber Risk insurance policies are not all the same, and there is no best policy for all organizations. Here are some articles to review, but note that some of the information regarding the Cyber Risk market is not correct:
Risk Management
Microsoft (it looks like the article is missing some information)
Entrepreneur
Dark Reading – Don’t waste your money on Cyber (!)
Forbes
BankinfoSecurity
Cyber Risk Insurance is not difficult to explain to potential clients, and at least basic protection should be in place. As a wholesale broker, we provide Cyber Risk Insurance to all types organizations through retail insurance agents and brokers.
Specialty Insurance Expertise: Tennant Risk Services
Insurance Entrepreneurship: Tennant Capital Partners
With todays growing technology this type of insurance seems to be on the rise.
Posted by: Orlando Insurance | January 03, 2013 at 09:36 AM
Hi,
Thanks for sharing the useful information about Cyber Risk Insurance.
Posted by: Alisdair allied | January 03, 2013 at 05:10 AM
Cyber risk insurance caters to a very real concern i.e security of the digital assets, which are important and vital.
But some questions remain like does this insurance only covers computers physically located in your premise or it can include web servers also, which are pet target of hackers?
Posted by: expatriate insurance | December 27, 2012 at 09:08 PM