Cyber insurance is a unique product which addresses the emerging coverage gaps in traditional insurance policies due to our increasing reliance on technology and use of data in daily business. Cyber insurance also presents a valuable risk management solution for many data and network risks by providing access to response teams with a clear focus on solving the wild variety of new cyber perils ranging from network outage, data loss/theft or even cyber extortion demands.
The Victor Cyber policy was designed with a clear focus on the risk management and cyber insurance needs of small and mid-size businesses. Our proposals are broken into three bundles; Breach Liability, Breach Rectification and Digital Crime.
Addresses various third-party cyber liabilities
- Privacy Liability: Addresses potential damages sustained by a third-party resulting from loss of protected information. These damages could include emotional distress of individuals, financial damage sustained by a business where the insured lost confidential corporate information held under a non-disclosure agreement, financial damages sustained by a third party including re-issuance of cards, password changes, etc.
- Privacy liability also includes network security liability which contemplates liability arising from the insured owning and operating a computer network. If the insured was unable to prevent unauthorized access to their computer system which caused harm to a third party (i.e. virus perpetuation) or if a hacker compromised the insured system to access another network (i.e. the HVAC contractor being used to hack Target).
- Website Media Liability: Addresses personal/advertising and copyright/trademark infringement exposures arising from content posted on the insured’s website or official social media presence (i.e. Facebook, LinkedIn, YouTube, etc).
- Regulatory Proceeding: Addresses potential fines or penalties assessed by a governmental regulatory agency resulting from a data breach.
- Payment Card Industry: Addresses penalties and assessments levied upon the insured by the payment card industry (PCI) resulting from a data breach. These charges are assessed by the PCI to address losses sustained by banks or merchants including card reissuance, chargebacks, credits issued, etc.
Addresses costs incurred by the insured to respond to a breach
- Data Breach Team: Covers the costs to respond to a data breach including a breach coach who will coordinate the response, forensic expenses, notification expenses both to comply with data regulations or voluntary as recommended by the coach, credit card monitoring and similar credit protection services.
- Business Interruption: Addresses loss of insured income and additional expenses when the insured’s computer system sustains a detectable interruption.
- Digital Asset Loss: Addresses the costs incurred by an insured to restore digital assets following covered corruption event.
Addresses various cyber crime perils and losses
- Cyber Extortion: Provides funds to cover extortion payments or expenses from a cyber demand.
- Electronic Transfer Fraud: Covers loss of insured funds from the insured’s account resulting from corrupted or compromised wire transfer instructions. For example, if wire transfer instructions placed by the insured are compromised by an outside party instructing the funds be transferred to a different account. If the hacker breaks into the insured’s system then changes/manipulates the transfer instructions or sends a false email to the bank from the insured’s system – this would be an electronic transfer fraud scenario. In short – the insured has fallen victim to a crime where the system was manipulated causing them harm.
- Deceptive Transfer: Commonly referred to as “social engineering” losses or confidence scams, where the insured enters wire transfer instructions as a result of being deceived by a third-party via electronic contact (primarily email). For example, an insured was instructed by a principal of the firm to pay a vendor – when actually the direction was sent by a hacker who had taken control of the principal’s email account. The hacker has essentially exploited common confidence in a party in order to deceive them into transferring funds.
- Telephone Toll Fraud: Covers loss where an insured’s voice over IP system has been compromised and directed to call high-cost toll numbers.
This document is for illustrative purposes only and is not a contract. It is intended to provide a general overview of the program described. Please remember only the insurance policy can give actual terms, coverage, amounts, conditions and exclusions. Program availability and coverage are subject to individual underwriting criteria.