Cybersecurity insurance warranties comes in two types: first party and third party. Most insurers offer policies that combine features of both, but not always. Many carriers also write provisions and exclusions into first or third-party policies, so businesses should carefully choose their cybersecurity policy to define the real needs (or if already underwritten, read it carefully to understand what is covered and what not, which coverage limits, which exclusions, …) .
A cybersecurity plan that focuses on first-party coverage is what most businesses will need. It protects against losses suffered by the insured and can include reparations for some of the following incidents:
- Damaged or lost digital assets, such as data and software
- Lost business opportunities or increased operational costs due to an interruption of the insured’s computer systems
- Cyber extortion if the hacker holds the insured’s data for ransom
- Money stolen through an electronic crime (if included)
typically cover costs associated to liabilities due to the following events:
- Security breaches of employee confidentiality
- Lost customer data and information
- Customer notification after a security breach
- Public-relations efforts as well as combatting defamation and intellectual-property violations.