Cyber insurance claims

As relatively new entrants to the insurance market, cyberliability policies are more variable and tend to have fewer standard terms and conditions than other insurance policies. The differences depend on the type of cyber insurance coverage being considered.

Authors: Lin Zheng

Generally, however, cyberliability insurance can be grouped into two categories:

  • First-party cyber insurance, which covers the policyholder’s own losses caused by a cyber incident; and
  • Third-party cyber insurance, which covers the policyholder in connection with its potential liability for third-party damages and losses as a result of a cyber incident.

First-party cyber coverage. The critical consideration for an entity purchasing first-party cyber insurance is a full and in-depth understanding of the entity’s own IT systems, system networks, hardware, software and the potential vulnerabilities related to its IT systems. Once these are understood, policyholders should negotiate for policy terms that include coverage for all potential costs related to a cyber incident, such as costs associated with the investigation of the cause of a cyber incident, costs of notifying those who have been impacted by a data breach, costs of providing credit or other information monitoring services for impacted individuals and the cost of paying ransom to extortionists holding systems or files hostage.

Policyholders also should negotiate for cyber insurance provisions that cover the costs to repair or restore software and data affected by a cyber incident, as well as the costs to replace or recreate such software and data in the event of a complete loss of such software and data.

Further, policyholders need to have a full and complete understanding of how their gross earnings could be impacted by a potential shutdown of their business due to a cyberattack.

Policyholders should consider cyber insurance policies that broadly cover the potential business income loss and extra expenses that may ensue from cyber incidents to their own systems, as well as the losses and expenses stemming from a cyberattack to a vital supplier or vendor.

Third-party cyber coverage. Third-party cyber insurance policies generally offer coverage for the policyholder’s “loss” – in the form of potential defense costs, settlements, judgments, fines and penalties – should a third party, including a governmental or regulatory entity, bring a “claim” in relation to a cyber incident within the policyholder’s systems. Critical terms such as “loss” and “claim” vary from policy to policy, and every policyholder needs to assess whether the policy’s definitions sufficiently cover its needs.

Key takeaways
  • Seek policies that cover costs for investigation, notification, credit monitoring, ransoms, etc.
  • Be sure to understand how much money you would lose in a cyberattack before buying a policy.
  • Critical terms such as “loss” and “claim” vary from policy to policy.
  • Various traditional policies may cover certain costs of cyberattacks.