S&P Cyber insurance
Cyber insurance provides security for e.g. in case of malware, denial of service attacks and human errors made by personnel.
Cyber insurance is a type of insurance that compensates for crimes committed in the company's information networks and human errors made by personnel. It also covers the additional costs related to the interruption and disruption of operations. Cyber insurance is important for every company and its importance is constantly increasing. Cyber security risks are often excluded from traditional business insurance policies, and cyber insurance can be complex and expensive to obtain depending on the size of the business.
Crisis management costs
Damages incurred by the company
Damages incurred by third parties
What is cyber insurance?
Cyber insurance is a type of insurance that provides security for a company in events related to cyber security. It often includes various types of insurance coverage, such as liability insurance, interruption insurance, and criminal insurance.
Cyber insurance is important for almost every company that operates on an information network - practically almost every industry.
Cyber insurance is particularly important in retail, finance and healthcare, but also in industry, transport and production. With the help of cyber insurance, the company can protect itself from risky situations related to information networks and receive compensation for possible damages.
In small and medium-sized companies, cyber insurances are usually tendered packages that meet the needs of the companies.
In larger companies, cyber insurance is often a solution tailored by an insurance broker, for which solutions are sought from international insurance markets if necessary.
Cyber insurance compensates for various financial damages caused by e.g.
- damage to information systems
- human errors
- service/DoS attack.
Cyber insurance also covers interruptions and disruptions in business activities. In fact, interruptions and disruptions in business activities often turn out to be more costly than, for instance, the restoration of information systems or first response services.
Well-planned data security doesn't eliminate the need for cyber insurance
Data security is an important part of the company's operations and it consists of several different areas, such as firewalls, terminal device protection and data backup, and the human side, i.e. employees. Well-planned information security helps protect against cyber threats, but does not eliminate the need for cyber insurance.
Professional cyber-attacks are increasingly targeting ordinary Finnish companies as well, and they can be targeted, for example, in addition to stealing data, to hijacking the management of entire operational systems.
Companies often store sensitive information, such as personal customer contact information and information about customer relationships or financial matters. Leaking this information can cause significant damage to the company. That's why it's important to take care of information security and consider getting insurance related to information security.
Recent cyber crimes
- Swedish food trade chain Coop was forced to keep 800 shops closed after a cyber attack. The attack targeted Coop’s POS system provider, software company Kaseya. Finnish TietoEvry was also affected by the attack.
- Sensitive patient information was stolen from private psychotherapy clinic Vastaamo. The group behind the attack demanded ransoms from both the company and its clients. Information leaked in 2018 is still available online.
- Hackers took down American company Colonial Pipeline’s fuel pipe on the east coast of the United States. The company was forced to shut down its 8,900-kilometres-long pipeline as a result of the attack. The company also paid a ransom of 4.4 million dollars to the Russian hacker group, most of which was later recovered.
Does my company need cyber insurance?
You can approach this question from several viewpoints. How would the loss of data impact your company’s revenue? If you lose data or your data is held as security against a ransom, what would your company do?
What kind of damage could data you process cause to third parties? If your company stores e.g. sensitive information about clients, their person or business, your company is at a high risk of cyber crime.
How would your company manage without its information systems? Can you continue your everyday operations without your information systems or would the loss of your systems have serious economic consequences?
Tailored cyber insurance
For companies whose needs the solution we have already negotiated is not suitable or which do not meet the insurer's criteria, we are happy to obtain other suitable cyber insurance.
Purchasing customized cyber insurance proceeds like this:
- we map the cyber risks related to the company's operations
- we review the current insurance coverage and its coverage in relation to cyber risks
- we plan the necessary supplements to the insurance coverage
- we tender for the necessary insurances and obtain them for you.
If necessary, we discuss the contents of the insurance with the insurers and recommend the option that best suits your needs.