As Cyber Insurance is new and not very well understood, it is increasingly overlooked by businesses. Traditional insurance covers may not indemnify your business where the proximate cause for the business interruption is a cyber event, and this commercial reality has prompted an increasing number of new business proposals to be subject to the contractor having a cyber insurance policy in force.

The range of insured perils and support services provided by a cyber insurance policy is broad and the policy benefit is often more than simply financial.

A data breach, particularly when it relates to sensitive client information, can cause severe mistrust and reputational harm for your company. Any breach of personal data, as defined under EU General Data Protection Regulations, must be notified to the Data Protection Commission and to the individuals affected.

The business interruption section of your cyber insurance policy will cover any loss in trading profits that result from an insured peril. The inclusions of this section of cover can further benefit policy holders during incidents involving Denial of Service or Ransome Ware attacks as the Insurer has an inherent motivation to resolve the Breach expediently and minimise the impact on your business.

Dedicated incident response teams are available 24/7 to determine the severity of your breach and escalate your case for payment of the Ransom Ware demanded if your IT backups cannot be recovered and restored.

Breach notification and containment costs are covered within policy and sub-policy limits, further supported by:

• Printing and postage of appropriate notices
• Call centre to manage inbound and outbound calls
• PR strategy to manage and limit any reputational damage to your business

Regulatory fines are covered only where these are insurable in law. As fines by their nature are intended to penalise improper behaviours and reliance on an insurance policy for this should not be made.

Reported instances of cyber extortion and cyber fraud are on the rise as companies continue to increase their reliance on technology and remote working.

As the sophistication and type of cybercrime methods have evolved, they have become increasingly difficult for companies and IT security systems to detect and prevent.

However, a significant amount of successful cybercrime is the result of human error from people working in the business. Therefore, the best defence a company can employ is through the training of its employees and promoting greater awareness when it comes to monitoring emails, website access and telephone requests for information.

Unfortunately, dishonest actors are having success as a greater number of business is transacted online, via email and over the phone.

Certain events can create non-financial risks i.e. such as the reputational harm caused by a data breach, or when a customer contract cannot be completed due to a system failure e.g. logistics software breach.

When defending your business from this highly disruptive form of malicious intent, it is important that you identify, log and track your system processes. Keeping your anti-virus and system updates current will also help to protect your business against lower level attacks.

Corrigan Insurance can help you to understand your exposures and provide access to expert advice through specialist insurers, enabling you to identify and mitigate against large losses, while also ensuring that you have 24/7 access to a dedicated cyber support service should you need it.

Awareness will lower your business’ likelihood of experiencing a severe cybercrime event. We recommend that you remain vigilant for the following:

• Compromised or fake business emails and invoices that are attempting to lure your unsuspecting staff into a wire transfer fraud
• Baiting exercise, conducted over the phone or by email, as part of a social engineering scam.
• Phishing emails / malware – strong antivirus software and firewalls should limit these from reaching your inbox.