What Are The Main Advantages Of Having A Cyber Insurance Policy?
The two main advantages of having a cyber policy is, first, so you get a instant response team. Cyber insurance is not like any other insurances where you launch your claim, two weeks later someone comes back to you, appoints an assessor and another two weeks expires before you know it whether or not the claim has been accepted.
You call the hotline that the insurer gives you and an instant response manager is appointed and that is the beginning of the claim’s process. You call the hotline and an instant manager is appointed and they would deploy a team of consultants. The first one they would deploy is an IT forensic consultant. IT forensic consultants are experts in what they do. They handle SAP incidents every day. So in the case, of say, ransomware, they would know whether or not you should pay the ransom.
Sometimes you pay the ransom and you get your system back, sometimes you pay the ransom and you don’t get your system back, so these guys are the best guys to guide you through the situation. In addition to IT forensic consultants, you may need a lawyer.
If your customer’s sensitive data is stolen, you will be subject…you might be subject to investigations by the Privacy Commissioner. You may also need a public relations consultant to manage your business’s reputation. You want your customers to know about the data breach before they read about it in the paper. You may also need a forensic accountant.
If your funds have been stolen or client funds have been stolen, you want someone to look into that and try and stop the flow of funds if possible. There’s a second advantage of cyber policy is it will cover the cost associated with a cyber attack, so you’ve got the cost of IT consultants, forensic accountants, public relations, they all cost a lot of money. If credit card information is stolen, you will also need to provide a credit monitoring service.
They will also cover regulatory investigations and any fines or penalties that might be issued. The Privacy Commissioner may investigate the data breach. If you are a credit card service provider, you may be in breach of PCI Compliance and also subject to their fines and penalties.
In addition to that, you could think about the business interruption costs. Another thing to think about is the business interruption costs.
If your system is down for hours, days, or weeks, how much does that translate to in as profits? A good cyber policy will cover you for those loss or profits and they will also cover what we call “increased waiting costs,” so if you need to employ additional staff to handle telephone enquiries. As you can see, time is of essence with a cyber attack.
You want it managed ASAP quickly and you want to get your business up and running again and minimise the losses to your business.
What Are The Limitations Of A Cyber Insurance Policy?
The limitations of the cyber policy is, it will cover the cost and expenses but it won’t cover the physical loss of data.
So if you’re not updating…if you don’t use firewalls, if you’re not updating security patches, that’s when they come through. If you’re not backing up critical business data, then once that information is gone, it’s gone.
So in summary, a cyber policy will help you with the instant response and cover the cost associated with the cyber attack, but at the end of the day, it only works if you back up your data.