How Cyber Risk Insurance Protects Your Business

We ensure everything that’s valuable to us, from our health to our assets.

So, why shouldn’t we do the same for our online properties? The loss, compromise, or theft of cyber data can impact businesses significantly, especially if they’re found liable for damages. But with Aviva cyber risk insurance, you can protect your business from negative cyber events and find timely remediation of related attacks and incidents.

What Is Cyber Risk Insurance?

Cyber risk insurance is an insurance product designed to protect an organization from security and privacy events, cover its liability for malicious cybersecurity activities, and aid in its support, defence, and recovery after a data breach. It can help offset costs related to legal fees, personal identity restoration of affected customers, recovery of compromised data, repair of damaged computer systems, and customer notification of data breaches.

Doesn’t a General Liability Policy Cover Cyber Risk?

While general liability insurance covers injuries and damages from a business’s products, services, or operations, it often excludes cyber risk, which is why there’s a separate product for it.

What Does Cyber Risk Insurance Cover?

Similar to other insurance products, cyber risk insurance covers a common set of scenarios, such as:

• Data breaches
• Malware infections
• Extortion and ransomware demands under threat of compromising sensitive data
• Liabilities associated with contracts
• Defences against class-action lawsuits and settlement payments
• Legal expenses, fines, and penalties related to regulatory investigations
• Lost business profits, accrued expenses, and extra costs during a cyber risk incident
• Media liability associated with infringement
• Losses due to social engineering fraud
• Profit lost due to reputational damage caused by a publicized cyber attack

Many of these incidents can be triggered by third-party vendors, so many insurers are beginning to offer policies that cover third-party liability losses, too.

Each business is unique; thus, the coverage that you seek must be tailored to the specific needs and risks of your organization.

What Isn’t Covered by Cyber Risk Insurance?

Most cyber risk insurance policies don’t cover preventable security issues, such as poor cyber defence configurations or irresponsible management of digital assets. Other issues excluded by cyber risk insurance include:

• Physical damage of property or infrastructure failures not caused by a purposeful cyber attack
• Lost value due to intellectual property theft
• Loss of potential future profits
• Pre-existing or prior breaches (that occurred before the policy was purchased)
• Cyber risk events initiated internally
• Failure to correct a known vulnerability
• Cost to improve technology systems

Like other insurance products, cyber risk policies require organizations to prove that they are actively taking action to protect their technology and networks against cyber risks. Otherwise, they won’t be approved for insurance or will be charged higher premiums.

Cyber Insurance Doesn’t Replace Cyber Defense

Every organization nowadays is vulnerable to cyber incidents. Cyber risk insurance is a great way to mitigate and resolve any damages caused by such scenarios. But employing a robust cyber defence system is still the best way to secure your business online.