Cyber Liability Insurance Consultation

Cyber risk can occur from a network security failure or a data privacy incident. Cyber insurance transfers this risk to an insurance policy, which is designed to pay some of the expenses incurred from a cyber-attack. DIGIGUARD will help your SMB evaluate cybersecurity insurance coverage and policies. Our consultants can help you understand and compare coverage information or negotiate policy terms and coverage. Your company’s strategy to manage and mitigate risk should include cyber insurance as part of a cyber incident response plan. Our experts can help you assess the need for coverage for a wide variety of first- and third-party losses, including:

• Loss of sales income and productivity
• Legal claims for privacy, data breach, fraud, defamation claims
• Incident investigation
• Incident response planning
• Data recovery from destruction or theft
• Notification of injured parties
• Credit monitoring
• Public relations and incident management costs
• Ransomware and extortion demands
• Regulatory fines
• Damages to equipment or systems caused by website or networks
• Media and website liability
• Denial of service attacks
• Crisis management activity for data breaches

Risk Impact Assessment

DIGIGUARD evaluates your risks and needs from an IT and cybersecurity viewpoint to obtain appropriate protections for your company. Our team performs a complete risk assessment of financial data assets, customer data assets and intellectual property assets and ranks them as high- or low-risk. Cybersecurity risk affects every level of your business. We gather input from stakeholders and departments to determine the ramifications of data loss or compromise for each area of your company. Our consultants assess the vulnerability of your high-risk assets and confirm adequate coverage. Industry regulations and specialized technology requirements are considered during the asset risk assessment. You should consider a cyber insurance policy if your business has high-risk assets and:

• Collects payment information online
• Has a database containing personal customer information
• Stores employee health or Social Security information digitally
• Relies on technology for daily operations
• Is located in a state with mandatory data breach notification laws
• Has a website that interacts with the public
• Conducts any portion of business online
• Has data handled by a third party online

Cyber Policy Gap Analysis

DIGIGUARD can help verify that your cyber liability policy coordinates with the other types of insurance you have to avoid cyber coverage gaps, eliminate duplicate coverage and help reduce insurance costs. Traditional commercial insurance policies increasingly exclude cyber risks from their terms. This exclusion has led to the emergence of stand-alone cyber insurance policies. These policies can protect against a wide range of losses that a business incurs directly or causes to others. Examining what type of protection is present and exploring how that coverage applies help companies avoid gaps and redundancies. SMBs in highly regulated fields such as healthcare or banking, or businesses that store the personal data of employees or customers, are increasingly required to carry cyber liability insurance for vendor contracts. Our strategy includes:

• Analyzing current cyber risk coverage gaps
• Reviewing coverage strategy during changes or mergers
• Identifying trends and potential future gaps
• Aligning exposures to potential gaps
• Locating duplicate coverage in existing policies
• Leveraging pre-incident security products and services included in the coverage

Cyber Risk Policy Considerations

Cyber liability or cyber risk insurance is a relatively new product. The coverage options are complicated and there are significant differences between the protections offered by various insurers. DIGIGUARD will help you review and compare coverage, provide the wording for suggested endorsements, or negotiate additional benefits. Here are some of the items we consider:

• Coverage date – Retroactive coverage and the incident types it applies to
• Additional coverage – Exceptional incidents not typically covered unless the policyholder seeks out additional coverage such as incidents caused by third parties or cloud services, lost device damages, large-scale data recovery, large-scale public relations campaign
• Exclusions – If an important coverage aspect is excluded, negotiate or seek out other options
• Appropriate limits – If the cost of a breach is underestimated, it could result in high out-of-pocket costs

Contact DIGIGUARD to manage and evaluate cyber liability protection options.