Insurance for Cyber Losses

Insurance for Cyber Losses

Cyber insurance protects against damages to computers and computer systems caused by human error or as a result of malicious attacks and crimes, including fraud, unauthorized access, theft of customer information and Web site sabotage. Loss of income from the interruption of your day-to-day activities, damage to data making it unrecoverable, and potential lawsuits are just some of the financial fallouts that may result from a data loss event.

While nothing can replace data that is permanently lost, or prevent a third party from bringing a lawsuit for losses they sustained when your computer system was breached, insurance products exist that can take some of the financial pain of the experience down a notch.

Most ordinary commercial general liability, and property and casualty liability policies won’t cover data loss suffered by the nonprofit because electronic data is excluded from the definition of “tangible property.” This means that nonprofits seeking insurance for cyber losses must find a special policy tailored to address computerized data losses.

  • In some states (California and New York) “media” insurance policies are harder to come by. In most other states, separate data loss policies are more readily available, assuming that the nonprofit already has a back-up system in place to begin with. Luckily these special products are relatively inexpensive—a basic annual premium may be less than $1,000.
  • To protect against lawsuits brought by third-parties, nonprofits can buy insurance that expressly covers the risk of causing a third party to suffer a data loss. That insurance may be called “internet liability,” “cyber liability,” or “network security” liability insurance.
  • With the right insurance coverage for loss of computerized data your nonprofit may be able to:
  • Pay for staff time to re-enter data into a new database
  • Replace hardware that was damaged or destroyed
  • Pay a computer specialist to repair or resurrect a crashed or stolen file server
  • Pay for staff time to notify all customers or clients to let them know about a security breach
  • Pay for the cost of equipment needed to restore your nonprofit to the position it was in prior to the data loss event.
  • With insurance for third-party liability suits your nonprofit may be able to:
  • Transfer much of the cost of defending the lawsuit to the insurance carrier
  • Pay the injured party the damages they claim resulted from a computer security breach or data loss affecting your nonprofit’s computer system.
  • For more information about data loss insurance policies, contact your broker or agent.

May/June 2008 Risk Management Essentials