24 years
97.9 Customer Satisfaction Score
200k Tickets Closed
83% resolved remotely
97% Resolved within SLA Goal

Cybersecurity insurance is becoming more complicated, more expensive, and more necessary. Are you putting off getting a policy? You shouldn’t wait any longer. 

The cybercrime landscape is getting more unpredictable and complex every day. Cybercriminals are finding more effective ways to infiltrate business networks and steal critical business data—but you already know all this. 

Cybercrime is a serious and expensive threat. The average cost of a data breach in the United States is currently $5M—can you afford that? 

That’s why so many businesses are considering investing in cybersecurity insurance, which is designed to help businesses cover the recovery costs associated with any kind of cybersecurity incident.

What You Should Know About Cybersecurity Insurance 

First of all, it’s not a trend that’s going to go away. Over the past few years it has rapidly grown as an industry:

Cybersecurity insurance is a relatively new type of protection designed specifically to help cover the potentially massive expenses associated with an unavoidable data breach. It can be a worthwhile investment, so long as you know how it works.

The somewhat inevitable nature of modern cybercrime has led businesses to consider cybersecurity insurance as a final layer of reassuring protection. In fact, it’s becoming more and more necessary, as many insurance providers have begun drawing a clear line between normally covered losses, and those incurred by cybercrime-related events. 

That means that if your cybersecurity doesn’t meet the standards of your insurance provider, you may not be as well covered as you think. 

Types of Cybersecurity Insurance

Breach and event response coverage

A very general and high-level form of coverage, this covers a range of costs likely to be incurred in the fallout of a cybercrime event, such as forensic and investigative services; breach notification services (which could include legal fees, call center, mailing of materials, etc.); identity and fraud monitoring expenses; public relations and event management.

Regulatory coverage

Given that a range of organizations has a hand in regulating aspects of cyber risk in specific industries, there are usually costs that come with defending an action by regulators.

This covers the costs associated with insufficient security or “human error” that may have led to a privacy breach. Examples may include an employee losing a laptop or e-mailing a sensitive document to the wrong person.

However, this type of coverage is not just limited to governmental and healthcare-based privacy breaches. It can also be useful for non-governmental regulations that intersect with the payment card industry and are subject to payment and financial regulatory standards. 

Liability coverage

This type of coverage protects the policyholder and any insured individuals from the risks of liabilities that are a result of lawsuits or similar claims. If the covered entity is sued for claims that come within the coverage of the insurance policy, then this type of coverage will protect them. 

There is a range of types of cybersecurity insurance liability coverage, which include:

Privacy liability

This applies to the costs of defense and liability when there has been a failure to stop unauthorized use/access of confidential information (which may also include the failure of others with whom the entity has entrusted data).

Coverage can also extend to include personally identifiable information and confidential information of a third party. 

Security liability

On a higher level, this type of coverage applies to the costs of defense and liability for the failure of system security to prevent or mitigate a computer-based cyber attack, which may include the propagation of a virus or a denial of service.

An important note — failure of system security also includes failure of written policies and procedures (or failure to write them in the first place) that address secure technology use.

Multimedia liability

This type of coverage applies to the defense and liability for a range of illegal activities taking place in an online publication, such as libel, disparagement, misappropriation of name or likeness, plagiarism, copyright infringement, or negligence in content.

This coverage extends to websites, e-mail, blogging, tweeting, and other similar media-based activities. 

Cyber extortion

This type of cybercrime event is generally a form of a ransomware attack, in which a cybercriminal keeps encrypted data inaccessible (or, alternatively, threatens to expose sensitive data) unless a ransom is paid.

Coverage of this type addresses the costs of consultants and ransoms, including cryptocurrencies, for threats related to interrupting systems and releasing private information. 

Will Cybersecurity Insurance Completely Protect Your Business Against Cybercrime?

A common misconception is that a cybersecurity insurance policy is a catch-all safety net, but that’s simply not the reality. Without a comprehensive cybersecurity strategy in place, a business may not qualify for a policy in the first place. 

Furthermore, in the event of a hack, a business may not qualify for full coverage if their cybersecurity standards have lapsed, or if they can be found to be responsible for the incident (whether due to negligence or otherwise). 

The core issue is that as cybercrime becomes more common and more damaging, insurers will become more aggressive in finding ways to deny coverage. It’s in the interest of their business to pay out as little as rarely as possible, which means the policies will tend to rely on a series of complicated clauses and requirements that covered parties have to comply with. 

A key example of this is when Mondelez International was denied coverage for the $100 million of damage they incurred from the NotPetya attack. Their insurer, Zurich Insurance, cited the obscure “war exclusion” clause, claiming that Mondelez was a victim of a cyberwar. 

This is not an isolated incident. As discovered by Mactavish, the cybersecurity insurance market is plagued with issues concerning actual coverage for cybercrime events:

  • Coverage is limited to attacks and fails to address human error
  • Claims are limited to losses that result directly from network interruption, and not the entire period of business disruption
  • Claims related to third-party contractors and outsourced service providers are almost always denied

All this goes to show why business owners need to look carefully at the fine print of their cybersecurity insurance policy and ensure their cybersecurity standards are up to par. No one should assume they’re covered in the event of a cybercrime attack—after all, for every $1 million paid in premiums, insurance companies only pay out $320,000 in claims

We’ll Manage Assist With Your Cybersecurity Insurance Needs

Need help assessing and improving your business’ cybersecurity before you sign up for an insurance policy?

Our team provides cybersecurity and technology services for organizations like yours—we are available to help you develop a robust cybersecurity defense. 

We can ensure you qualify for a policy and minimize the chance that you’ll have to make a claim on your cybersecurity insurance. Get in touch with our team to get started. 

 

Schedule your No-Obligation IT Assessment with Palindrome Consulting

Schedule Now

Elizabeth Mitrani
Elizabeth Mitrani
17:23 06 Aug 19
Palindrome Consulting was key in establishing my business and helps me keep it running. They are the consummate... professionals, incredibly knowledgeable and are always available to help. They have gone above and beyond to ensure that I was up and running quickly and that any issues that may arise on my end or dealt with immediately. I highly recommend Palindrome Consulting.read more
Moshe Rubinstein
Moshe Rubinstein
14:57 28 Jun 19
They are there every step of the way. Responsive and timely. The full service mentality mixed with the problem solving... abilities, is what makes them an easy choice.read more
Benjamin Wainberg
Benjamin Wainberg
14:09 28 Jun 19
Palindrome Consulting is customer centric. For Palindrome Data Safety is paramount; they keep their and our systems... updated with the newest technologies and are not shy at changing to better alternatives. Their platforms are always running and in the odd case there is an event, their technical team has an awesome response time.read more
Copier Man
Copier Man
13:56 28 Jun 19
We have been using Palindrome since 2005. They make my company feel like we are #1 all the time. Expert staff are... always available to help all my users all around the country.read more
Martin Feldman
Martin Feldman
16:43 26 Jun 19
As a partner in Fischer & Feldman, P.A. we have utilized Palindrome Consulting as our IT experts for many years. In... addition to keeping our server up and running, they are available to consult on the everchanging cloud and web landscape. We could not function as a successful law firm without their constant care, attention and almost IMMEDIATE RESPONSE TIME.read more
Rebecca Fischer
Rebecca Fischer
16:39 26 Jun 19
Palindrome has been my IT company for more than 15 years. We have been through four server and computer replacements... over the years all of which went smoothly. As technology has changed Palindrome has kept us current in their recommendations and are extremely responsive when we run into a software or hardware problem. We have been through hurricanes with Palindrome and felt confident they would have us up and running as quickly as possible and despite the fact we are probably a smaller client, they have treated us as one of their most important clients. I highly recommend Palindrome and have complete confidence in their capabilities and service. They have even gone the extra mile when we wanted to donate our old computers to a children's special needs school and delivered the computers, set them up and provided service for the same. Ilan Sredni is the consummate professional and has surrounded himself with top professionals and skilled technicians.read more
Nelson T
Nelson T
20:32 25 Jun 19
Palindrome Consulting has proven itself time and time again to be the epitome of professionalism and technical... expertise. They take the time to listen to your needs and then apply their wealth of technical knowledge to create truly innovative and robust solutions. They truly deliver piece of mind.read more
Next Reviews
js_loader