CYBER INSURANCE
Cyber insurance can be an important but limited tool to help mitigate privacy violations and data breaches.
Although cyber insurance can be a safety net it is important to not solely rely on this when an incident occurs. It is important to understand that it can be an appealing addition to cybersecurity efforts but does not replace the need for sound information security policies and practices.
Understanding the cover as well as the limits of these policies is vital to managing risk.
Insurance cover is specified and defined, and may differ from provider to provider, so it is important to understand your cover, and what is required for this to be effective.
It may seem that you have broad cover, but a close reading of the insurance language will reveal that your cover is limited by definition, endorsement, or exclusion.
Cyber insurance as a rule does not cover a number of different events and actions, therefore it is important to implement a comprehensive information security program in order to “mind the gaps”.
Do not blindly accept that your cyber insurance will cover every eventuality, it is important to know what risk mitigation it provides. Conversely, do not underestimate the value of cyber-insurance, it can provide a valuable safety mechanism.
WHAT MUST YOU DO?
Decide whether you will take out cyber insurance as part of your risk transfer strategy.
Careful comparison of insurance wording is imperative as terms and coverage provided in cyber-liability insurance policies may vary widely. These may have specific policy limits, sub-limits, or deductibles for each type of coverage. One consideration, for example, is whether the policy covers fines and penalties levied by a regulatory body.
Check whether costs or penalties are included in the definition of “loss” or “damage.” Another consideration may arise due to separate policy limits applicable to damages, claims expenses, or costs. These gaps may directly impact the value of the policy.
There may also be specific requirements and obligations placed on the organisation for the cover to be intact. Check to see what these are and whether you are able to meet these requirements.2: 1 July 2020)