• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Make Your Remote Work More Secure

Support: 512-422-5347
Sales: 512-627-5954

Paladin InfoTek

Keeping Your Business Running

  • Home
  • About
  • Blog
  • Services
    • Operational IT
    • Basic Managed Security
    • Enhanced Managed Security
    • Business Continuity
  • Assessments
  • Testimonials
  • Contact Us

Cyber Insurance: The basics of coverage

August 1, 2022 by Edie Sabillon

Among those firms that take risk management seriously, there is a growing awareness of the need to consider some manner of insurance to protect against the costs of cybercrime. Standard commercial property insurance policies do not generally include provisions for the damages from cybercrime. In a growing number of commercial policies, they are specifically excluded. As a result, executives who recognize the catastrophic damage that a cyberattack can inflict on their business are looking at cyber insurance to transfer the financial losses to a third party. Learn in this blog about Cyber Insurance: The basics of coverage.

However, before looking at cyber insurance, it would be a good idea to summarize the specific areas of risk that you may face in the event of a cyber attack. Before selecting a policy, you need to consider what areas of exposure are most threatening to your business. This blog will review the major areas of risk exposure that you face from cybercrime in order to provide guidance for selecting what you expect a cyber insurance policy to cover.

Before looking at your key areas of risk, let’s summarize what is generally meant by cybercrime or cyberattack. For the purposes of this general discussion only, cybercrime can be thought to include any digital or internet-based attack that compromises you and/or your customers’ data and/or causes disruption to business operations. A non-inclusive list might include Denial of Service (DoS) attacks, phishing scams, adware, ransomware attacks, system/website cloning, viruses, and other malware, and viruses. Cyber Insurance: The basics of coverage are here to protect you.

First-party and third-party coverage

When you start looking at cyber insurance, you are likely going to encounter discussions of first and third-party coverage. This is referring to the protection against losses incurred by first- and third parties as a result of a cyberattack. First-party is all about you. The term refers to all of the losses you suffer directly because of the event. Third-party refers to all of the losses suffered by others as a result of the cyber event which hit your business. Generally, this is going to refer to your clients and others whose data you handled and that was compromised in some fashion as a result of the cyber event.

So let’s take a high-level look at the risks that fall under these categories.

First Party losses – all about you

Let’s start with the immediate consequence to your business from a cyber attack: that is the loss or damage to the electronic data you hold. That can be any electronic data that you possess, including the data of your clients. The compromising of customer data is of special concern when it includes Personally Identifiable Information (PII). PII can identify a specific individual. Examples include full name, address, social security number, birth date, etc. Cyber insurance would generally help you cover the expenses from a data breach only from a specified covered peril such as a DoS, hackers, virus, etc.

Following the risk that your data faces from a cyber event, first-party losses may also include the expenses that cascade down from that first event.

  • Forensic expenses – You will find it necessary to use resources to find out what happened. The ‘when, where, why, how,’ the breach or event occurred and most importantly, who is affected. You can’t begin to fix anything until you find out what is broken.
  • Recovery costs – These are all the extra resources you may expend working to recover lost or damaged data. Depending on the complexity and the resources of your in-house staff, recovery and forensic efforts may require outside consulting support.
  • Loss of income – This would be akin to the business interruption insurance you may have under your commercial property insurance policy. It refers to the income lost as a consequence of the data event.
  • Extortion – Did you have to pay a ransom to get your data back? Ransomware is a popular form of cyber attack and while governmental authorities strongly recommend against giving in to ransom demands, many entities end up finding that is the only path to data recovery
  • Notification – Keep in mind that under various piecemeal state and federal regulations, you may have specific notification requirements to alert anyone whose data was compromised. This may require media ads, mailings, etc.
  • Public relations – Because data breaches often require public notification, a cyberattack can be a branding nightmare. For small businesses, it can be fatal. You will certainly need to expend considerable resources to recover the confidence of your clients or customers.

Third-Party Losses

Third-party losses refer to your liability for the consequences of the data breach to others. For simplicity’s sake, this most often will be those customers whose data was “hacked”.

  • Network Security – Lawsuits may occur alleging that you failed in some way to provide adequate security for the data. If the data was compromised, or the data could not be accessed as required because of the event, the claim would be that you were in some way negligent regarding network security and failed to protect PII.
  • Network Privacy – This refers to lawsuits alleging damage from the exposure of PII. Examples would be identity theft, damage to credit ratings, invasion of privacy, etc.
  • Errors and Omissions – Suits could also claim that mistakes in your software design or a coding error were what led to the vulnerability.

Summary

As you can see, a cyber attack can create two primary categories of losses that cyber insurance can be used to address–what happens to you, and what happens to your clients. However, this is just a quick look at the major areas to address. There are a lot of weeds to get into when looking for a cyber insurance policy. Just for one example, some policies may create requirements and security standards you must meet before an event will be considered a covered loss. In short, cybercrime creates a large range of potential first- and third-party losses that few businesses can hope to absorb on their own. Protect yourself with Cyber Insurance: The basics of coverage.

* * Note: Insurance policies are legal contracts. The e-guide is just a general primer to some of the risks that you might look to have covered in a “cyber insurance” policy and in no way is to be considered legal guidance.

If you need more information about Cyber Insurance click here!

Don’t forget to follow us on Twitter & Facebook!

Filed Under: Blog Tagged With: blog, Computer, hackers, houston, IT, ITSupport, programming, ransomware, security, Services, systems, technology, texas, website

Visit our Facebook Page

Visit our Facebook Page

Recent Posts

  • Cyber Insurance: The basics of coverage
  • What the COVID-19 crisis taught us about the cloud and business continuity
  • Password management tools: A must-have IT investment for businesses
  • Is co-managed IT A good idea?
  • Cybersecurity in a post-pandemic world

Follow me on Twitter

My Tweets
  • MLS Direct Network, Inc.

    “Your search for an IT provider ends here. Our company was in the midst of a grueling search for a new IT provider as we were moving from a cloud server, to an in-house server when we were introduced to Paladin IT by a respected mutual colleague. We had started our search in November of 2016, went through countless meetings with other IT support companies in the area, and decided to sign on with Paladin in April of 2017 after having already worked with them for over a month outside of any signed contract. That’s right, Stan and Phil took the time to closely work with us as we had countless phone conferences with Dell to make sure we had all the hardware and software we needed without really knowing whether we were signing any agreements. That’s how much Stan and Phil care. Right from the start Paladin IT went above and beyond any expectations we had for any IT Services company.”
    -Brett Davis, Executive Administrator – MLS Direct Network, Inc.

    Read More
  • Diane Fulmer, CPA

    “My past experiences with a number of IT service providers and Paladin IT have been night and day. Prior to signing on to Paladin’s Managed IT Service plan, we would have to wait days or even weeks for a problem to be resolved. With Paladin, my experience has been quite the opposite; they respond quickly and resolve our problems immediately or within a few hours. Whether we need remote support for a minor problem or a technician on-site to fix the problem, it is solved quickly and professionally. I highly recommend Paladin IT to anyone looking for a professional, responsive, and highly competent IT service provider for their business.”
    — Diane Fulmer, CPA

    Read More
  • Consider It Closed Realty, LLC

    “Right from the start, they impressed me with their efficient, professional manner - an approach that not only inspired confidence, but generated the results I was looking for. I needed a quick, effective solution to computer issues at that moment and they were able to help me. Since then I have called upon them many times to render help – I can count on them, their follow-up and reasonable rates. If you are looking for a business “partner” that will be there when you need them, may I suggest you contact Paladin InfoTek.”
    — Sue Kaligian - Owner, Consider It Closed Realty, LLC

    Read More
  • Director Operations

    “Paladin IT gave us a scaled version of Managed IT support which made sense both in terms of coverage and cost. I was very pleased with their responsiveness and attention to detail. Paladin also out-performed during our move from one facility to another. We did a walk through and they gave us a plan based upon our requirements. They hand held us through the move. We moved on a Thursday and Monday morning we were fully up and running, which was, all things considered, amazing. I recommend Phil and the rest of the Paladin IT team to anyone who needs Managed IT services. They are a great team providing excellent value.”
    — Barry L. Dichter, Director Operations

    Read More
  • StepStone Med, Inc.

    “I was recently unable to access key files or perform a backup. I called and they came up with a solution to save my important data and all my applications prior to replacing the hard drive. A big ‘Thank You’ to Phil and his techs. I didn’t lose a single file, and I was able to get back to business in no time at all.”
    — Cynthia Sheridan, CEO StepStone Med Inc.

    Read More

Services

  • Total Care Service
    • -Operational IT
    • -Basic Managed Security
    • -Enhanced Managed Security
    • -Business Continuity
Paladin Infotek logo

Support: 512-422-5347
Sales: 512-627-5954

Contact Us

Copyright © 2023 Paladin InfoTek · Privacy Policy · Built by Hot Dog Marketing