Skip to main content

Cyber Insurance: All you need to know

 







x

In simple terms, cyber insurance is insurance that covers the liability of a business under a data breach where sensitive personal data of the customer(s) are involved. This sensitive personal data includes credit card numbers, driver’s licenses, social security numbers, account numbers or health records. It not only covers businesses but also individuals that provide services under such businesses. Risks that are internet-based such as information privacy, information technology infrastructure, information governance liability, etc are generally excluded from traditional insurances that cover commercial liabilities.

Cyber insurances provide certain coverage like first-party coverage and liability coverage. First-party coverage includes losses caused by extortion, theft, data destruction, DoS attacks and hacking whereas liability coverage indemnifies companies against losses caused to others which includes failure to safeguard data, error and omissions or defamation. There are other benefits under cyber insurance like public relations post-incident and investigation expenses, criminal reward funds, and regular security audits.


Is cyber liability covered under general liability policies?

As explained above, cyber insurances are usually excluded from such general policies. This is because general liability policies only cover businesses from damage to property or bodily injuries that have been caused by their products. 


What is covered under cyber insurance?

The process of sending notifications to customers whose Personal Identifiable Information {PII} have been compromised in a data breach can be very expensive. But most states in India requires companies to do so. When we even talk about free credit monitoring offered by companies, it is not required in most states but proves to be beneficial to go along with public relations. Due to this, cyber insurances include the costs related to the following:

  • Data breach notifications to customers

  • Legal fees and expenses

  • Recovery of data compromised by hiring computer forensics

  • Replacing or repairing computer systems that have been damaged

  • Restoring the affected customer’s personal identities or data that has been altered or stolen

  • Meeting demands of extortion under a ransomware attack.


What is not covered under cyber insurance?

  • Cyber events that have been caused by a company’s employees or insiders

  • The cost incurred in technological improvements like hardening security in the application or system

  • Cyber events that occurred in the past, before purchasing the policy

  • Failures in infrastructure that was not caused by any cyber event

  • Failure by the company to fix a vulnerability that was known


Who is required to get cyber insurance?

Cyber insurance should usually be taken by businesses that manage, create or store data electronically including customer sales, contacts, credit card numbers, health records, etc. The best examples are e-commerce platforms such as amazon, flipkart, myntra, etc who can undergo a huge loss in customers and sales due to cyber incidents. Even businesses who simply store information of their customers on their websites can benefit under cyber insurance.  


To stay connected, please check: https://www.worldcybersecurities.com/

                

By: Aarushi Chopra

   {BA LLB, Amity Law School}


Labels:

Comments

  1. Unknown11:58 PM

    Insightful! Thanks for sharing.

    ReplyDelete
  2. Aarti R10:04 PM

    Great work! Cyber insurance is indeed need of the hour. We need to build more infrastructure and create awareness about it.

    ReplyDelete
  3. Chinmayee kulkarni11:45 AM

    It is very important to understand and become aware about this topic - cyber insurance. Many cyber frauds take place and people face great financial losses due to same. Insurance companies can revamp such losses by giving aid to the cyber victims. There must be a legislation for the same where every person required would understand and can avail the insurance facilities.

    ReplyDelete
  4. Devendra Shukla11:26 PM

    Cyber insurence developed faith towards the data sefty and Cyber security among the people. As it also cover financial loss as well as data loss both, it will help to people get atleast some amount of security.

    ReplyDelete
  5. vicky kumar7:13 PM

    This blog is resources, yes we all organization need cyber insurance to cover from breaches.

    ReplyDelete

Post a Comment

Popular posts from this blog

UNESCO Guidelines on Generative AI in Schools

The advent of artificial intelligence has assumed prominence amongst all industries and various facets of people's personal lives. The integration of AI in education has been inevitable, given the significance and role of information, knowledge production and administration in the sector. This is especially so as its capabilities entail replicating higher-order thinking. Besides assisting in the education process, it also brings the element of real-life relevance, allowing education to be imparted against the backdrop of the evolving world due to the same AI. It tends to have implications on the subject matter that needs to be imparted, which tends to be something that constantly needs to answer the question of "Why and how is this particular subject matter relevant for learning?".  This induces policy-makers and educational institutions to rethink what they need to impart as knowledge, the area of matter, and the manner of thinking to be emphasised. This is because educa...
Post a Comment
Read more

Dark Web: Safe or unsafe? Truth Revealed!

  The dark web is the part of the internet that is not visible to search engines. With the advancement in technology, digitization has resulted in different types of attacks. We can talk to anyone as long as we have an internet connection. The main concern is with privacy and anonymity in mind.  A team of computer scientists and mathematicians working for one branch of the US navy which is known as the Naval Research laboratory (NRL), developed a new technology known as Onion Routing. It allows anonymous communication where the source and destination cannot be determined by the third party. A network using the Onion Routing technique is classified as Darknet. The NRL released the Onion Routing Technique and it became The Onion Router, also known as TOR. Advantages of Dark Web  Humans are allowed to hold privacy and express their views freely. Privacy is considered to be critical for honest persons through the different criminals and stalkers.  The growing tendency of...
5 comments
Read more

India's Cybersecurity Landscape: New Rules, Rising Threats, and Government Response

The recent interaction of the newly reappointed Union IT Minister with journalists has sparked significant interest within the IT Industry and among privacy enthusiasts. Ashwini Vaishnaw announced on June 15 that the MEITY will soon release the rules under the Digital Personal Data Protection (DPDP) Act, a development of immense significance for India's cybersecurity landscape. [1] 's Acts. It holds immense significance for the country, especially with the increasing number of internet users.  Of 2023 for public consultation. The rules hold immense significance for a country like India, with 751.5 million internet users at the commencement of 2024 [2] . With the continuous surge in internet usage across India, the volume of personal data shared online is also on the rise. This occurs either voluntarily, such as an individual providing personal information to a social media platform to access its services, or involuntarily, as a consequence of falling victim to a cybercrime inci...
Post a Comment
Read more