While understanding and purchasing cyber insurance policies can be a very confusing process, it is extremely important to make sure your cyber policy fits your organization’s needs. Different companies are vulnerable to different risks meaning some organizations need more protection than others. Regardless of a company’s industry, size or location, an appropriate cyber insurance policy can always be found if the process is done with both comprehensiveness and attention to detail. When searching for your cyber insurance policy, keep in mind these four steps to ensure your policy is the right fit for your organization:
- Assess what coverage is critical by evaluating the likely threats. Cyber coverage typically covers:
- Information security and privacy (standard coverage for damages resulting from the unauthorized disclosure or theft of confidential information)
- Breach response services including customer notification of breaches, attorneys to determine compliance with breach notice laws, public relations, and costs for credit monitoring
- Regulatory Defense and Penalties for violations of privacy laws
- Business Interruption
- Data Protection
- Cyber Extortion
- Breach Preparedness
- If your organization collects credit card data, coverage for PCI fines and penalties is pivotal
- Be Mindful of all sub-limits and policy exclusions: When possible, try to narrow exclusions and sub-limits such as breach response services. Additionally, ensure that all sub-limits are high enough to cover expected costs.
- Work with your insurance professionals to determine the appropriate overall limits based on the size and type of franchised business and other factors.
- Understand the conditions of coverage: Policies often require the insured to work with a list of specific vendors from legal counsel to public relations firms.