Cybercrime might be one of the most frequent forms of crime, and yet it is not given the due attention required to mitigate its risks. Both businesses and individuals are susceptible to get affected by cybercrime. And 2020 made the situation even worse as companies had to push for remote working without adequate security measures in place.
India saw a nearly 65% jump in the cybercrime reports filed in 2020, as per the base in 2019. Several small, big, and even large-scale enterprises got impacted by such crimes. Cyber insurance can be a prudent mechanism to recoup the expenses and losses incurred while facing a cyberattack.
What is Cyber Insurance?
At its core, cyber insurance is not that different from other insurance covers. It is more comprehensive in nature and covers cyberattacks. To get a clear idea of what is cyber insurance
, read this typical case that anyone might be prone to go through:
Suppose you are running a business processing unit, helping USA-based healthcare companies process medical invoices. You will be working with a lot of sensitive information that is transmitted across the cloud. Now, what is an organized attack conducted that breaches your security and takes hold of all the sensitive data you have? The attackers demand $1 million to get you out of it, or else they will publish all the data on the dark web.
This particular form of attack is called Ransomware. Such attacks have become more common as businesses scale their digital networks without having sufficient investments in security and often not having critical information on what is cyber insurance
. In the above-given scenario, if you had a cyber insurance cover, you would get several benefits such as the cost of upgrading your network firewalls, legal expenses for the user data leaked, fees of a negotiator if you need one, and even the money you might have to pay for the ransom. Now that you have a better idea about it, you can go into details of understanding how does cyber insurance work.
How Does Cyber Insurance Work?
Understanding how does cyber insurance work is like understanding how any form of business or individual insurance works. You are supposed to take an insurance cover when you are prepared and pay the premiums. In the cyber insurance coverage
tenure, if your business faces a cyberattack or any of the events covered in your policy, you get compensated for the wide range of costs related to such attacks.
Common costs and damages included under cyber insurance coverage include:
First Party Liability
: These are the damages directly incurred by your business. They tend to include:
- If you have lost any data or sensitive information or have transferred money by providing your data to an online fraudster, you might get compensated for it.
- The fees of a professional negotiator, if required, as well as any money paid to the cyber-attacker as a form of extortion.
- Limited disbursement for hiring credit monitoring services, bearing the business interruption expenses, corrective charges against vandalism, and the cost of hiring public relations contractors.
: These are usually the damages your business has to pay for as a liability towards third-party entities:
- Any form of liability your business has to bear for the damage experienced by customers or damage to intellectual property.
- Any liability that your business has against the damage to reputation witnessed by third-party entities.
- Any form of legal expense you have to bear for defending cases filed by the government or private entities.
- Claims made for the security failure experienced by third-party platforms, attributable to your business as well as the extradition proceedings, if applicable.
- Does Cyber Insurance Include Damages Incurred by Individuals?
Yes - cyber insurance damages can cover individuals. However, these would generally not include the personal damages incurred by the proprietor of the company that has been through a cybersecurity breach. The individuals generally covered under the cybersecurity insurance policy are the customers, third-party vendors, and employees who have witnessed substantial damage attributable to the cybersecurity breach at the company.
- What are the Exclusions of Cyber Insurance?
policies, while seemingly comprehensive, tend to have their own set of exclusions:
- Any form of physical damage, health risks, death, or injuries witnessed by the insured entity or by the third-party, directly attributable to the cybersecurity breach.
- Wilful breach of law can render the policy null & void.
- Wear & tear, sudden mechanical failure, or even gradual deterioration of an information technology system are not covered under a cyber insurance policy, even if that leads to security vulnerabilities.