Our Partners

marsh_edited.png

Cyber-insurance is an insurance product used to protect businesses and individual users from Internet-based risks, and more generally from risks relating to information technology infrastructure and activities.

 

Risks of this nature are typically excluded from traditional commercial general liability policies or at least are not specifically defined in traditional insurance products. Coverage provided by cyber-insurance policies may include first-party coverage against losses such as data destruction, extortion, theft, hacking, and denial of service attacks; liability coverage indemnifying companies for losses to others caused, for example, by errors and omissions, failure to safeguard data, or defamation; and other benefits including regular security-audit, post-incident public relations and investigative expenses, and criminal reward funds.

We provide advisory services to:

  • Advise on policy limits based on risk to the organization

  • Help select the right broker and carrier for your coverages

  • Assess current policy to identify coverages of cyber risk

  • Align covered services to your incident response plans, public relations, business interruption, and identity monitoring

Forbes recently published that if you rely on technology to do business and if you manage and store company data, financial or transactional information, customer details or any proprietary business information on computers or servers or in the cloud, I believe you need some level of coverage.

Cyber insurance coverage can be as varied as health, life and car insurance. A company needs to know its vulnerabilities and make sure its coverage is matched to its potential exposure.

The combination of your security solutions and cyber insurance offers a twofold approach to protection against attacks.

Types of Coverage
  • Network Security - Insurance against cyber attacks and hacking attacks.

  • Theft and fraud - Covers destruction or loss of the policyholder’s data as the result of a criminal or fraudulent cyber event, including theft and transfer of funds.

  • Forensic investigation - Covers the legal, technical or forensic services necessary to assess whether a cyber attack has occurred, to assess the impact of the attack and to stop an attack.

  • Business interruption - Covers lost income and related costs where a policyholder is unable to conduct business due to a cyber event or data loss.

  • Extortion - Provides coverage for the costs associated with the investigation of threats to commit cyber attacks against the policyholder’s systems and for payments to extortionists who threaten to obtain and disclose sensitive information.

  • Reputation Insurance - Insurance against reputation attacks and cyber defamation.

  • Computer data loss and restoration - Covers physical damage to, or loss of use of, computer-related assets, including the costs of retrieving and restoring data, hardware, software or other information destroyed or damaged as the result of a cyber attack.

  • Information Privacy - Covers organizational liability(ies) arising from actual or alleged non-compliance with any worldwide cyber, information privacy, or identity related regulation, statute, or law. For example, this coverage part would cover an organization's legal defense, and ultimate monetary settlement, resulting from a regulatory claim alleging such organization was non-compliant with any covered privacy regulation, such as the "right to (personal information) erasure" governed within the European Union's General Data Protection Regulation.

Current Need

In spite of improvements in risk protection techniques over the last decade due to hardware, software and cryptographic methodologies, it is impossible to achieve perfect/near-perfect cyber-security protection. The impossibility arises due to a number of reasons:

  • Scarce existence of sound technical solutions.

  • Difficulty in designing solutions catered to varied intentions behind network attacks.

  • Misaligned incentives between network users, security product vendors, and regulatory authorities regarding protecting the network.

  • Network users taking advantage of the positive security effects generated by other users' investments in security, in turn themselves not investing in security and resulting in the free-riding problem.

  • Customer lock-in and first mover effects of vulnerable security products.

  • Difficulty to measure risks resulting in challenges to designing pertinent risk removal solutions.

  • The problem of a lemons market, whereby security vendors have no incentive to release robust products in the market.

  • Liability shell games played by product vendors.

  • User naiveness in optimally exploiting feature benefits of technical solutions.

Locations.

Boston, MA

Buffalo, NY

New York, NY

Dallas, TX

Washington, D.C.

San Francisco, CA

Chicago, IL

New Orleans & Baton Rouge, LA

Telephone.

(508) 925-0114

© 2017-2020 by SideChannelSec, LLC

  • LinkedIn Social Icon
  • YouTube
  • Twitter
  • Instagram
  • Facebook Social Icon