Cyber Insurance Coverage: Why Commercial General Liability Isn’t Enough

Posted by Matt Simon on Oct 29, 2015

Protecting your assets – both tangible and intangible is crucial in today’s business world. And as our world continues its rapid pace of change and development, have you stopped and asked yourself this question:

When is the last time I did a thorough review of my insurance coverage to make sure it has kept up with the changes to my business, and the new risks I face on a daily basis?

Why is this question so important?

Because not that long ago, some of the most common business assets were pieces of heavy equipment, buildings, inventory and other tangible products.

In today’s world, it’s all about the intangible assets that are woven through the fabric of the organization. These proprietary assets such as intellectual property, trade secrets, customer data and business plans, can be the foundation for which a business is built – and it should be protected.

One of the best ways to protect the assets of your business is to carry adequate Commercial General Liability (CGL) Insurance

But is it enough?

A CGL policy protects your business from damages caused by bodily injury or property damage for which your business is found to be legally liable.

A typical CGL policy contains three coverages, designated by letters in the policy:

A.  Bodily Injury and Property Damage Liability (BI/PD) – the duty to indemnify and defend the insured for claims made due to bodily injury or property damage.
B.  Personal and Advertising Liability (AI/PI) – same framework as Coverage A, except it insures claims for personal injury and advertising injury.
C.  Medical Payments – insurer promises to pay emergency medical expenses for bodily injury as a result of an accident on the insured’s premises. It pays regardless of who is at fault.

But businesses operating in the 21st century face new risks… risks that are far beyond the scope and intent of the General Liability Policy

Don’t get me wrong, the Commercial General Liability Policy is still very much needed.  Nearly all businesses face the risk of a lawsuit if they cause injury to someone, or damage someone’s property.

So we’re not saying that the CGL is irrevelant, just that it was never designed to protect businesses from claims such as data theft, loss of business income due to computer system outage, identity theft or extortion when your data is the hostage.

Specialized Cyber Liability Coverages

Because of the increase in the number of intangible assets companies possess, the number of companies doing business on the Internet, the use of email, and the collection of data - whether in digital or hard copy format, new types of liability coverages have emerged to meet specific needs.

Businesses face threats today that would have been unimaginable 20 years ago.  Adding to the problem is the fact that the Commercial General Liability policy was developed long before these types of risks existed.

Bottom line is the CGL alone is not capable of adequately protecting a business operating in today’s environment.

A robust Cyber & Data Breach Liability policy can cover:

  • Cyber Liability: third-party financial loss arising from a hacking attack or virus emanating from, or passing through your computer systems
  • Privacy Liability: breach of any personally identifiable information of your clients or employees
  • System Damage: costs you incur to retrieve, restore or replace any of your computer programs that are lost or damaged
  • Business Interruption: replacement of your lost income resulting from a computer system outage because of a cyber attack
  • Consequential Reputational Harm: covers your reduction in profit resulting from the loss of current or future customers caused by damage to your reputation
  • Regulatory Actions or Investigations: coverage for costs, expenses, fines and penalties as a result of a regulatory investigation arising out of an actual or suspected breach
  • Breach Notification Costs: all sums reasonably incurred as a result of an actual or alleged security breach to notify any third party or employees, provide credit monitoring, and conduct a forensic investigation
  • Multimedia Liability/Advertising Injury: sums you become legally obligated to pay as a result of defamation, emotional distress, intellectual property rights infringement or invasion of rights of privacy
  • Crisis Communication Costs: costs you reasonably incurred for the services of a public relations consultancy to avert or mitigate damage to your reputation or brand caused by a claim
  • Computer Crime: reimbursement for unauthorized electronic funds transfer, theft of money by electronic means, or theft of digital assets
  • Cyber Threats or Extortion: reimbursement for payment resulting from a threat to prevent access to your computer system, introduce a virus to your system, reveal your confidential information, or damage your brand or reputation by posting false comments on social media sites
  • Telephone Hacking: costs you incur as a result of your telephone system being hacked, including the unauthorized calls or unauthorized use of your bandwidth
  • Phishing Scams (fraudulent electronic communications or websites designed to impersonate you or your products): reimbursement to your customers for their financial losses arising from the fraudulent communications, and your reduction in profit as a direct result of the fraudulent communications

Curious about what you can do to prevent Cyber Crime?

ohio-cyber-crime-prevention

Conclusion

Cyber & Data Breach Liability coverages are developing on a daily basis as new threats emerge and new insurance companies enter the market.

Regardless of the type of business, one thing is certain, if you’re a business in operation today, you face at least one of the exposures listed above.  Which means, you need to thoroughly understand your risk of a loss, how you would respond if a loss did occur, and whether Cyber & Data Breach Liability coverage makes sense for you.

The level of coverage your business needs is based on your individual operations and can vary depending on your range of exposure. It’s important to work with an Insurance Advisor that can identify your areas of risk, and customize a policy to fit your unique situation.

If you’d like additional information and resources, we’re here to help you analyze your needs and make the right coverage decisions to protect your operations from unnecessary risk.  You can download a free copy of our eBook, or if you’re ready make Cyber Liability Insurance a part of your insurance portfolio, Request a Proposal and we’ll get to work for you.

Cyber & Data Liability Insurance eBook

Additional articles that may interest you:

Cyber Liability Claims Examples

I'm a cyber breach victim, now what?

A lesson from the Sony Data Breach

Category: Cyber Liability Insurance (1)

Comments