Posts Tagged with: Insurance

  Back to top
Cyber Insurance
30 November 2017

Privacy and Cybersecurity 101: Buying Cybersec...

With Uber joining Equifax, JP Morgan, Target and others as the latest victim of a high-profile data breach, all companies should be evaluating how they can protect themselves from data breaches and the fallout.  Over the past month, we have covered how to encrypt your laptop and covered how to send secure emails.  Even if […]

Email Disclaimer 

Please be advised that contacting Miller Johnson or one of its attorneys by email does not constitute establishing an attorney-client relationship or otherwise confidential relationship between you and the Firm. Please do not give us any information you regard as confidential until a formal attorney-client relationship has been established. Any information you give to us before establishing an attorney-client relationship will not be regarded as privileged or confidential. Do you wish to proceed?

Cancel I agree

Publication Signup 

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
To receive firm communications, please select from the list of topics, complete your contact information, and Sign Up below.
This field is hidden when viewing the form
Select Service*

With Uber joining Equifax, JP Morgan, Target and others as the latest victim of a high-profile data breach, all companies should be evaluating how they can protect themselves from data breaches and the fallout.  Over the past month, we have covered how to encrypt your laptop and covered how to send secure emails.  Even if you have a great IT team, train your employees on cybersecurity issues and put into place the necessary software, hardware, policies and procedures, you or your company may experience a breach.  If that happens, the right cybersecurity insurance policy could save you tens of thousands of dollars in legal fees alone.

Cybersecurity insurance is a relatively new insurance product and much of the policy language is non-standardized. The lack of standardization means key language can vary from policy to policy and that much of the language remains untested by the courts.  Here are some key questions you should ask yourself, your IT administrator and your insurance broker

  • Does the policy cover mobile devices, laptops or other employee owned personal devices that lead to a breach? You do not want to pay for a policy only to find out you have no coverage for the breach caused by the theft of your employee’s unencrypted laptop.
  • Does the policy allow you to choose your vendors or legal counsel? This is especially important for health care providers who must comply with very specific regulations following a breach.
  • Does the policy cover breaches that happened in 2000 but discovered in 2018? Does the policy require claims be made the same year as the breach or the same year the breach is discovered?
  • Does the policy include First-Party and Third-Party coverage? First-party coverage includes costs and damages to your own business such as loss of data and loss of business income while your business recovers data or restores network access. Third-party coverage addresses potential liability to clients and governmental entities. You will want protection from lawsuits and governmental fines that may follow a data breach.
  • Does the policy cover data in the possession or control of Third Parties? What happens if your cloud storage provider, accountant or other third party vendor experiences a breach?  Be sure you know where your data is and that your policy protects you from breaches experienced by a third party.

Asking these questions (and many more), working with your IT staff and working with an experienced broker and lawyer will ensure you purchase a policy that adequately shifts the risks of a data breach without incurring excessively high premiums.