Cyber Insurance Counseling

Cyber insurance coverage is designed to cover losses arising out of cyber attacks and other privacy and data security breaches. It is an essential component of a company’s cyber risk management plan; however, many companies forego available policies due to the perceived high cost of those policies, confusion about what they cover, and uncertainty that their organization will suffer a cyber attack. As there is no standardization of cyber insurance policies, and different industries have different kinds of risk, it is important to identify the nature and extent of an organization’s risk when considering cyber insurance. The terms and exclusions can vary dramatically from one insurer to the next. Cyber insurance policies can provide coverage for third-party liability, first-party losses or both.

There is additional perceived value to having insurance. Insurance places a dollar value on an organization’s cyber risk, which is useful for risk managers budgeting for cyber security. The underwriting process helps identify and eliminate cybersecurity gaps and provides for significant due diligence through extensive questionnaires. Insurers provide third-party assessment of an organization’s administrative, technical and physical controls. Many cyber policies bring supplemental value, as they include risk mitigation tools, significant incident response assistance following a cyber incident, and put approved vendors in place.

Our group advises clients when purchasing coverage to ensure that a policy matches a business’s specific needs. We advise on appropriate limits and sublimits and match a company’s limits with realistic exposure and the organization’s risk appetite.