TYPES OF CYBER INSURANCE COVERAGES
Costs associated with Legal and Regulatory Actions- This refers to covering of all the costs, which are associated with drafting notification, legal advice given to concerned regulatory bodies. It also covers the cost incurred in responding or defending various regulatory investigations.
Costs associated with Incident Response- This refers to the costs incurred in accessing the response team for CFC Cyber Incidents on a 24/7 basis in order to consult with then during any kind of cyber event.
Forensic, IT and Security Costs- This refers to the covering of all the costs, which are associated with hiring a IT security consultant, in order to hire their help in identifying the scope and source of a particular cyber event, take their advice to remedy the situation, removing malware and also for providing expert testimony.
Costs associated with Crisis Communication- These costs refer to costs associated with public relations, which deal with protecting the brand/reputation of the insured.
Costs associated with Privacy Breach Management- This refers to covering all the costs, which are associated with notifying the companies/individuals that the information which they had kept as a non-public asset, and which had been stored by a contracted third-party cloud provider, also known as the insured, has been breached or compromised. This also covers the costs associated with providing credit monitoring to the individuals/companies and to establish a helpline for identity theft for them.
Costs associated with Third-Party Privacy Breach Management- The insured is known to oftentimes store confidential information belonging to the client of their client. In the scenario that there has been a breach in the system of the insured, and when a legal contract binds the insured to do the following, these costs cover the tasks undertaken by the insured to notify on the behalf of the clients that they have.
Costs associated with Post-Breach Remediation- Once a cyber event has taken place, the cyber incident manager of the company helps in analyzing and assessing the breach, helps in developing procedure documents and provides the employees training to avert such situations in the future. The costs incurred in this process are covered within this.
Fraud associated with Funds Transfer- This covers the cost of any electronic funds transfer done by an unauthorized third-party, electronic theft done from the corporate credit card or bank accounts of the insured. This coverage also includes covering for loss, which has resulted from the insured being duped or tricked into parting with his/her funds voluntarily.
Personal Funds Theft- This coverage covers any case of theft of personal funds belonging to an Office in a Senior Executive position (from their own personal accounts), which has resulted because of a breach of security in the network of the insured.
Theft of Escrow Funds- This covers the cost of any kind of electronic theft done by a third party from the escrow funds of the client, which the insured held.
Extortion- This part covers any and all costs related with threatening to put a malware or virus in the network of the insured or a threat to encrypt or shut down their systems completely or partially unless a particular sum of ransom gets paid.
Theft of Corporate Identity- This covers the costs, which are associated with the theft of the electronic corporate identity of the insured, whereby somebody else is entering or communicating in online contracts in a fraudulent manner, trying to deceive and portray that they are the insured.
Telephone Hacking- This coverage is associated with covering for the costs incurred if the insured’s phone system is hacked into, which may include unauthorized bandwidth usage or calls.
Phishing- This includes the coverage, which is designed to cover the costs incurred in responding to electronic websites/communications, which are fraudulent and have been made to impersonate and look like the insured. The costs which are covered as part of this coverage includes reimbursements to clients for any kind of financial loss that they might have suffered as a result of the fraudulent communications, clearing out of press releases that have been released to look like they have been released by the insured, etc.
Costs associated with Rectification and System Damage- This coverage is responsible for covering all costs that have been incurred by the insured in order to restore systems, which might have been damaged during a virus attack or breach by a hacker. It also covers all extra costs that have been invested to lessen the damage that has been caused.
Costs associated with Interruptions caused to the Business’s Systems- This is associated with covering the costs that have been incurred because of loss of profit, caused by a system outage of the business, due to a malicious hacker or virus attack. All extra costs that have been incurred in order to mitigate the said interruption also fall under the purview of this coverage.
Consequential Reputational Harm- This coverage covers the cost incurred by the insured due to the loss of customers because of a malicious virus or hacker attack. The loss of customers might have resulted owing to the bad impression of the insured’s brand created because of the cyber event.
Costs associated with Loss Adjustment- This coverage includes the cost that is incurred in determining the loss that has been suffered because of system damage, consequential reputational harm or network interruption.
Network Security Liability- This coverage provides protection to the insured from claims raised by third parties after an hacking event or a virus attack, which had taken place on or has emanated from the computers of the insured or from the computers of third party cloud provider that works for the insured on a contractual basis. This coverage also covers for any claims that may arise from the computers of the insured being used to carry out an attack of denial of service, from failure in preventing unauthorized access or theft of identity of third parties, employees, etc.
Privacy Liability- This coverage provides protection to the insured from claims raised by third parties regarding failure to protect personally identifiable information, which may include corporate information of a confidential nature or employee information. It also provides covers the insured from failure to notify/warn affected individuals.
Management Liability- This coverage provides protection for D&O claims raised by excess individuals (Side A). This is simply a D&O coverage, which may have been raised owing to a cyber event (i.e. the loss of value of shares). This coverage acts as the primary when the any other coverage does not apply.
Regulatory Fines- This covers the costs of any penalties or fines for violating privacy regulations.
PCI Fines, Assessments and Penalties- This covers the costs incurred in assessment, fines or penalties resulting from non-compliance of Data Security Standards as laid out by PCI.
Media Liability- Media Liability basically refers to the costs that are associated with different claims that allege to liable defamation, slander, violation of intellectual property rights, which may include trademark, copyright, service name, service mark, trade dilution, trade name, trade dress, rights for domain names, rights for design, rights for image, moral rights, licenses concerning intellectual property rights, plagiarism to name a few.
Regulatory Actions and Investigations- This provides coverage for fines, defense and penalties, which are incurred because of violating privacy laws.
Technology Omissions and Errors- This coverage is included for covering incidental cases of E&O of technological exposures. If the exposure is greater than incidental, then the risk is quoted on a separate tech, which includes cyber.
Costs associated with Court Attendance- This covers all costs that are associated with depositions, attending the court, etc. and as a result being out of work.