What Needs To Be Included In Your Cyber Coverage Policy:
1. Expansive business interruption triggers
- Are business interruptions and extra expenses (BI/EE) covered during a security breach?
- Are network disruptions or system failures covered?
- Is coverage available when a business you rely on is down? (i.e. cloud or supply chain providers)
2. Coverage for Ransomware
- Some criminals will require Bitcoin as a form of payment. Most firms can’t afford to pay a forensics firm to convert a $100,000 ransom to crypto-currency. Then on top of it all, want to get reimbursed from the insurance company That is why regardless of policy language, the payment process should act as a “Pay on behalf” situation.
3. Broad definition of “Private Information”
- Not only do we need to protect account names and numbers, but the policy language needs to be intentionally broad enough to handle geographical location data, biometric data, web browsing history, and even consumer behaviors.
4. Broad triggers for regulatory liability
- Do you need a breach to trigger coverage for regulatory liability & fines and penalties?
- International, national and state privacy laws are expanding beyond data breaches and are now more focused on how information is handled, collected and stored. There can be significant fines if you slip up in any of these areas.
5. Sufficient Limits
- Policy limits that automatically refresh or reset with each unrelated incident.