Posts

Do I need Cyber Liability Insurance?

Gavin Livingstone, President, and Mike Carlson, CTO at Bryley Systems Inc. with Bill Percuoco, Sales Executive at DF Murphy Insurance Agency, Inc.

In general, Bryley retains business insurance to address all areas of significant risk; we ensure that we have sufficient coverage for all big-event issues, while usually requesting the greatest deductible possible.  Cyber Liability Insurance is high on our list of must-have coverage; both for ourselves, and for our clients.

Cyber Liability Insurance is designed to protect consumers of technology services or products.1  It provides coverage for data breaches, known or even undiscovered, and is a risk-transfer option designed to address some of the costs of mandatory notification (required within the Commonwealth of Massachusetts and 45 other states) and to deal with the remedial aspects of a data breach.2

Coverage typically includes:

  • Data breach/crisis management costs – Reporting and managing an incident, including remediation
  • Network security liability – Third-party damages due to denial of access
  • Multimedia liability costs – Restitution for defacement of website(s)
  • Extortion liability costs – Losses due to extortion attempts

Organizations that process credit cards are at risk; more so if they store credit-card information on their network.  In addition to credit-card information, a data breach that discloses other types of personal information can introduce extensive liability:

  • Employee information is a risk for any employer.
  • Information collected and retained from medical applications may include confidential medical and/or personal data.

While non-Fortune-5000 organizations are unlikely to be specifically targeted for their data, many of these attacks are broadly distributed, often via forged emails sent to thousands of people.  The attackers gather data from successful attacks and then determine if it is of any use to them.

Another targeted area could be your public presence – web site, Facebook/Twitter, etc.  This is more of an embarrassment than a financial liability, but restoring the web site and regaining access to hacked social-media accounts and the like does have a cost.

Bill Percuoco of the DF Murphy Insurance Agency, Inc. (our insurer), notes that they have recently seen several claims stemming from social engineering where a criminal has tricked an individual into transferring money.  (Social engineering is the psychological manipulation of someone to reveal confidential information or perform a desired action.3)

Due to supporting the technology of our clients, Bryley Systems remains extremely diligent; in addition to our security measures and internal controls, processes, and policies, we have had Cyber Liability Insurance for many years.  Our premiums are based on annual sales, factored by industry, services, policies, security, and risk-exposure; we are likely at the high end since we protect other organizations.

We believe that it is far less expensive to purchase Cyber Liability Insurance coverage than it is to face these situations without sufficient resources.  To that end, we recommend Cyber Liability Insurance to our clients and to all organizations using online technology, particularly those that accept credit cards and/or use online financial, medical, or employee-oriented applications.

1Please see Data breach and cyber liability:  Real risks in a virtual world in the blog at DF Murphy Insurance Agency, Inc. from May 11, 2015.

2Please see Understanding Cyber Liability Insurance from Trusted Choice® Independent Insurance Agents.

3Please see Social Engineering in Wikipedia, the free encyclopedia.