Subscribe

Who needs cyber insurance?

Kirsten Doyle
By Kirsten Doyle, ITWeb contributor.
Johannesburg, 07 Feb 2018
Candice Sutherland, business development underwriter at ITOO Special Risks.
Candice Sutherland, business development underwriter at ITOO Special Risks.

Liability insurance policies are not designed to respond to intangible losses, therefore, it is important to consider a policy specifically designed to respond to a network breach or privacy breach.

So says Candice Sutherland, business development underwriter at ITOO Special Risks, who will be presenting on 'A solution to cyber-crime: cyber insurance', at the ITWeb Business Intelligence & Analytics Summit, to be held on 14 and 15 March, at The Forum, in Bryanston.

She says considering cybercrime is growing exponentially worldwide, and is now the fourth most reported economic crime in SA, it is imperative for businesses, particularly SMEs to make provisions for this sort of event as it can cause catastrophic damage to any company. "Any entity that has an IT system, internal or external; and any entity that stores data, either employee or third party data, needs cyber insurance."

What does it cover?

So what does cyber insurance cover? She says cyber insurance covers a multitude of events, including a network security breach, either a downstream attack, or unauthorised access to, unauthorised use of, theft of data from, a denial of service attack, or transmission of malicious code to the insured's computer system, including physical theft of the insured's computer system, or any part thereof.

ITWeb BI & Analytics Summit 2018

Register now to attend the BI & Analytics Summit 2018 at The Forum, Bryanston on 13 - 15 March 2018. Candice Sutherland will join other industry leaders in discussing their experience of the best practices for business intelligence and analytics. For the most up-to-date agenda click here.

It also covers privacy breaches, meaning a breach of confidentiality, infringement, or violation of any right to privacy, which results in harm to employees or third parties.

In terms of third party, policies should cover privacy liability, or claims arising from compromised information, network security liability, or liability claims resulting from a systems security incident affecting systems and data as well as causing harm to third-party systems and data. They should also cover media liability, for disseminated content.

A cyber insurance policy will also cover costs associated with incident mitigation, including the cost of responding to a systems security incident, including incident triage, forensic investigation, legal, crisis communication, public relations and credit monitoring.

First party elements covered by cyber insurance will include any regulatory fines assessed by a government regulatory body due to an information privacy breach and business interruption, or loss of income and increased cost of working as a result of a systems security incident.

"Other first party expenses covered are data restoration, or the cost to restore, re-collect or replace data lost, stolen or corrupted due to a systems security incident, and cyber extortion, or the costs associated with investigating and mitigating a cyber extortion threat, and where required, costs to comply with a cyber extortion demand."

Share