For many businesses, cyber liability is a new area of coverage and learning about the ins and outs can take some time. Below, find several aspects of cyber coverage that deserve your attention when you endeavor to purchase coverage.
1. Prior Acts – The trend with many companies who have suffered a cyber-attack or loss is that they don’t know that they have been a breached until months after the fact. When shopping for cyber coverage, it is important to review the way your potential cyber carrier treats prior acts. It may be in the business’ best interest to go with a carrier that offers a more liberal prior acts response.
2. Unencrypted Devices- As business owners continue to upgrade their network and tools for their employees, one area to be proactive for is ensuring that the new devices are encrypted. Many cyber policies have an exclusion for unencrypted devices, thus effectively voiding a carrier’s responsibility to respond if a cyber-attack occurred with an unencrypted device as entry point. Instead of looking for a carrier that doesn’t have this exclusion, it is in the business owners best interest to invest in preventative measures that avoid a cyber-attack through all devices.
3. Outsourced Functions- Businesses that utilize vendors to outsource any data storage of client personal information needs to ensure that their cyber coverage will respond should a breach of their vendor’s network occur. Some policies will only respond if the breach occurred within the company’s own networks; this type of coverage would be useless to businesses who outsource their data storage. Coverage for outsourced operations should be at the top of the cyber shopping list for business who fall into this data storage category.
Cyber coverage is truly a complex coverage that transforms, almost on a daily basis as more sophisticated technologies create increased instances of cyber loss in new ways. Any business owner looking to assess the cyber risk their business is currently exposed to should contact a Beckerman agent knowledgeable in cyber risk assessment.