The cost of dealing with a data breach goes beyond repairing databases, strengthening security procedures, or replacing lost laptops. Regulations requiring notifications to affected customers also drive up costs for companies when a data breach compromises personal or confidential data. Traditional business insurance may not be enough to protect companies from cybercrime. But just how does cyber insurance work?
Typically, there are several different coverages available. To have coverage that is right for your company, you and your agent can work together to tailor the coverages based on the specific risks your business faces. Following are some explanations of typical elements of a Travelers cyber insurance policy.
Types of Coverage
What cyber insurance does: Companies have an obligation to keep their customers’ protected health information (PHI) and personally identifiable information (PII) confidential. They may face potential liability if the information is exposed in a data breach. This coverage protects companies from liability to others and reimburses companies for expenses related to a data breach, which could include legal counsel and defense, a digital forensics team, notification costs, crisis communications, and setting up a call center and credit monitoring for those affected by the data breach.
Why cyber insurance is important: Many companies store their customers’ confidential information, PHI and PII, as well as confidential corporate information, either for themselves or for another company. For example, an employee benefits company may have personnel records for the employees of dozens of companies it serves, which can mean that a single breach presents the potential for significant liability.
Third-Party (liability) and First-Party Coverage
What it does: Companies have an obligation to keep their customers’ protected health information (PHI) and personally identifiable information (PII) confidential. They may face potential liability if the information is exposed in a data breach. This coverage protects companies from liability to others and reimburses companies for expenses related to a data breach, which could include legal counsel and defense, a digital forensics team, notification costs, crisis communications, and setting up a call center and credit monitoring for those affected by the data breach.
Why it’s important: Many companies store their customers’ confidential information, PHI and PII, as well as confidential corporate information, either for themselves or for another company. For example, an employee benefits company may have personnel records for the employees of dozens of companies it serves, which can mean that a single breach presents the potential for significant liability.
Worldwide Coverage
What worldwide coverage does: Claims and events can occur anywhere in the world, and notification requirements differ by location. To help fulfill these requirements, policyholders can access Travelers’ network of forensics, crisis communications, and legal experts to address claims made or events occurring anywhere in the world.
Why worldwide coverage is important: If a company has a data breach, it must follow the privacy laws that govern where its customers live, not just where it is headquartered. This can be costly, confusing, and time-consuming for a company without specialized resources.
Your coverage for security breach remediation and notification expenses would include purchasing an identity fraud insurance policy, credit monitoring services, computer forensics, and access to a Breach Coach for advice regarding initial breach response.
Cyber insurance also can help protect you before a breach. Mountaineer customers have access to risk management services, cybersecurity experts, and other resources to help prevent a data breach. Perhaps just as importantly, having cyber insurance can help prepare your company to respond effectively in the critical hours and days following a data breach.
For more information, contact a Mountaineer Insurance Services agent.