Businesses and individuals worldwide are facing cyberattacks now more than ever before.
Unfortunately, most victims of a security breach only become aware of cyber liability insurance after they have already suffered a loss.
Cyber coverage is specifically designed to help in the event of a cyber breach. It is available for businesses of all sizes as a standalone policy or as a package. The protection of these policies doesn’t end after a breach occurs. The most important insurable coverage can be broken down into these categories: cyber liability, breach response and business loss.
Liability insurance covers privacy, security, media and regulatory acts. It includes unauthorized data access, negligent practices, copyright infringement, defamation, regulatory demands and privacy breaches. Breach response insurance assists in recovery post-cyberattack. Business loss coverage aids income recovery post-attack, including reputation damage.
Not all cybercrime is being performed by human beings. AI is providing a new playbook for the ever-increasing cybercrime channels.
It’s not a question of if, but when an individual or company will fall victim to cybercrime. The two primary questions an organization must ask are: Is there preparedness for an organized cyberattack and is coverage in place to properly mitigate these risks? This is not about the basic scam emails that are easily recognized or flagged by antivirus software on a daily basis. It is about significant financial impacts that will affect P&L in ways that are simply unaffordable.
Recently an industrial contractor wired over $850,000 to what it thought was an engineering firm’s bank account. They did all the right things and checked the boxes on the internal wiring funds process checklist, but unfortunately, that simply was not enough.
The insured party received wiring instructions regarding a project they knew had an outstanding invoice due, but the voice on the other line was not their vendor. They had a two-step verification process and spoke with an individual confirming the amount being wired and the account number. By the time they knew what had happened, the money was gone, and they still owed the engineering firm $850,000 for services rendered. This is where education comes into play.
Most cyber liability policies today have robust third-party liability coverage limits — damages to others — but first-party cybercrime — damages sustained to a company because of others — is what must be given close attention.
First-party cybercrimes are usually noticed first, typically after funds fail to reach the rightful party. The most common first-party loss is social engineering, the loss of funds via trickery or deceit, which is exactly what happened in the earlier example. Make sure to purchase an ample amount of coverage, equal to or greater than the number of monies regularly wired.
Ever-advancing technology in the hands of bad actors requires insurance programs to advance at the same pace. Take the time to discuss cyber liability insurance with an agent to stay informed and prepared.
For more information, visit hpigrp.com or call (281) 204-8770.
