What Is Cyber Insurance?

Cyber insurance, often referred to as “cybersecurity insurance,” “hacker insurance,” or even just “cyber,” is an insurance product that covers the costs associated with computer hack attacks, data breaches, and system failures.

The technology revolution irreversibly changed the way that businesses operate, but traditional insurance has not kept pace. E-mail has largely replaced physical mail, most business-critical information is stored electronically rather than physically, and money moves almost exclusively through electronic transfers.

Traditional insurance policies were designed to deal with threats to a company’s physical assets (its buildings, machinery, and office equipment) and make no mention of its digital assets. For example, coverage under most standalone crime policies was not even triggered by any type of cybercrime! Thus the need for a new type of insurance arose, and cyber insurance is now a booming segment of the insurance market, even though many businesses are still without coverage.

What Should I Look for When Selecting Coverage?

Not surprisingly, not all cyber insurance is created equal. When selecting coverage, here are a few key elements to look out for:

  • No (or very few) drawbacks or caveats.

    Be sure to read the fine print when it comes to the drawbacks and caveats included in a policy. Many carriers mandate certain cybersecurity practices for coverage to be activated. For example, a lot of carriers include warranty statements that require the insured to complete dual-factor authentication before executing a wire transfer. If the insured fails to do so on the specific wire transfer that results in a fraud claim, the carrier may deny the claim.

  • Comprehensive cybercrime coverage. Look for coverage for the following crimes, which are often excluded:

    Funds Transfer Fraud/Social Engineering;
    Theft of Personal Funds from Senior Executive Officers’ Personal Bank Accounts;
    Theft of Funds Held in Escrow;
    Corporate Identity Theft.

  • Unlimited first-party limit reinstatement.

    Do limits reload on an “each and every claim” basis for first-party coverage, or is there an aggregate limit?

  • Data reconstruction and employee overtime costs.

    If a hacker gains access to your network and corrupts or deletes data, does the policy cover the costs associated with reconstructing or rebuilding the files?

The Top Cyber Attack of 2021

Continuing the trend from 2020, ransomware remains the top cyber attack facing American businesses in 2021. Ransomware is a type of malware that encrypts and locks the victim's data, demanding a ransom payment to decrypt the files. These attacks spiked 715% year over year from 2019 to 2020, according to cybersecurity leader BitDefender.

Based on claim data from Evolve (the cyber insurance firm I work for), the total cost of ransomware attacks ranges from $10,000 all the way up to $3,000,000+. Hackers often gain access to the insured’s financial data in these attacks and base their ransom demand on the amount of cash a business has on hand.

What does comprehensive cyber insurance cover in a ransomware claim?

  • The ransom demand itself (Avg.: $112K);
  • Immediate Forensic Response (Avg. range: $10K - $100K+);
  • Data Restoration ($0 - $100K+);
  • Business Interruption ($0 - $500K+);
  • Reputational Harm ($0 - $500K+).

A Few Tips on Risk Mitigation

The following suggestions are intended to be a starting point for organizations serious about their cybersecurity. One of the things my company does is urge all of its policyholders to hold a meeting with their IT team to discuss ransomware preparedness.

1. Enable Multi-Factor Authentication across all company accounts (this is often completely free). Every single account should have MFA enabled, but the following three are the most crucial:

  • Business Email. Once a bad guy hacks your business email account, they can pose as you to the outside world, launching bulk phishing attacks on your own colleagues and all of your external business contacts.
  • Enterprise Data. Hackers target your enterprise data to exfiltrate copies of it, then lock it up via ransomware. The deadliest types of ransomware now specifically target cloud storage, so be sure to also discuss your cloud strategy with IT.
  • CRM. Your business’ hard-earned client data is a gold mine for hackers, who gain leverage by threatening to release that data on the dark web.

2. Live Phishing Training for Employees

While simple, this may be the most important tool to prevent ransomware. After all, over 90% of malware is delivered via email. Tools like Cyber Risk Aware create fake phishing test email campaigns that look real. If a staff member opens the email and clicks on a link, management will be notified, and the victim will be prompted to watch an educational video about fraudulent email awareness.

3. 24/7 Dark Web Monitoring

My company recommends continuous dark web monitoring (our preferred vendor is Skurio). Skurio continually searches the dark web for information specific to your organization and alerts you in real time to possible breaches of your data, including stolen login credentials.

If you have any questions, or would like to discuss doing business with Evolve, reach out anytime to me or to underwriting@evolvemga.com.