Cyber insurance provides great coverage against malware, DoS attacks, human errors, and other information security incidents.
Cyber insurance covers economic losses caused by crimes against companies’ information networks. Cyber risks are becoming a growing threat to business in nearly all sectors.
The actor behind an attack may be a foreign state operator, group of professional criminals with economic interests or random operators. Modern cyber criminals are extremely good at what they do. They handle large amounts of money and spend a lot of time stealing sensitive information.
Usually, insurance companies exclude cyber attacks from their traditional business insurance policies. Nevertheless, most companies would benefit from taking out cyber insurance, since it also covers costs caused by interruptions or disruptions in business activities.
What kind of companies need cyber insurance?
Nearly all companies are in one way or another connected to an information network and, therefore, need cyber insurance. Many companies believe that antivirus software provide sufficient protection against cyber attacks.
However, information security is a sum of many factors, including fire walls, protection of terminal equipment and data verification. Some companies may also think that they do not store data that is worth stealing. It is increasingly common that cyber attacks target normal Finnish companies.
In addition to data theft, a cyber attack can also be an interception of the management of entire information systems. Contrary to popular belief, most companies store sensitive information, e.g. contact details of consumer customers. Companies’ staff registers are also considered sensitive information.
What does cyber insurance include?
There are many types of cyber and information security insurance policies available on the market. Typically, a cyber insurance policy covers
- crisis management costs (e.g. rehabilitation costs, first response service costs or cost of an external loss adjuster)
- damages incurred by the company (e.g. cost of restoring files, systems and networks, costs caused by an interruption or disruption in business activities)
- damages incurred by third parties (e.g. cost of reporting personal data leaks)
Pre-negotiated information security insurance solutions are often cost-effective and sufficient enough to meet the basic needs of small and medium-sized companies.
If a company has more extensive and complicated needs, it should consult an insurance broker. Often, the best insurance solution is found abroad.
What does cyber insurance cover?
Information security insurance covers economic losses caused by e.g.
- damage to information systems
- human errors
- DoS attacks.
It also covers interruptions and disruptions in business activities. In fact, interruptions and disruptions in business activities often turn out to be more costly than, for instance, the restoration of information systems or first response services.
Recent cyber crimes
- Swedish food trade chain Coop was forced to keep 800 shops closed after a cyber attack. The attack targeted Coop’s POS system provider, software company Kaseya. Finnish TietoEvry was also affected by the attack.
- Sensitive patient information was stolen from private psychotherapy clinic Vastaamo. The group behind the attack demanded ransoms from both the company and its clients. Information leaked in 2018 is still available online.
- Hackers took down American company Colonial Pipeline’s fuel pipe on the east coast of the United States. The company was forced to shut down its 8,900-kilometres-long pipeline as a result of the attack. The company also paid a ransom of 4.4 million dollars to the Russian hacker group, most of which was later recovered.
Does my company need cyber insurance?
You can approach this question from several viewpoints. How would the loss of data impact your company’s revenue? If you lose data or your data is held as security against a ransom, what would your company do?
What kind of damage could data you process cause to third parties? If your company stores e.g. sensitive information about clients, their person or business, your company is at a high risk of cyber crime.
How would your company manage without its information systems? Can you continue your everyday operations without your information systems or would the loss of your systems have serious economic consequences?
If your company has not taken out cyber insurance or you are unsure about your company’s insurance status, fill in the form below and contact us! Our experts are happy to help you find a solution that meets your company's needs at a cost-effective price.