Cyber attacks - are you prepared?
We are not looking to sell you cover (not yet, we are still developing our product) but there is a clear and present danger, not least because of digital crime factories focused on attacking Western business infrastructure.
Most current business insurance policies were designed decades before the Internet or electronic trading. Way before many “data assets” even existed.
In this short piece we are simply alerting you to the gaps you may have in your risk management programme.
The main areas of risk from electronic crime are; theft of funds, extortion by a ransom attacks, data breach - theft of data, damage to digital assets, reputational risk, regulatory fines and penalties, legal representation costs.
Almost without exception any office or business combined insurance will not cover a ransom attack, extortion or loss of funds (including client funds), the theft of digital assets or any consequential financial loss following a data breach.
Very few policies will respond to the financial consequences of a data breach in terms of direct loss of revenue or brand/ reputational damage (which is difficult to quantify in any event).
Where a policy is extended to include legal expenses or if you have a stand-alone legal expenses policy this will probably respond to provide legal representation
following an ICO prosecution, it most likely will not cover fines or penalties (as this is against public interest) or the actual compensation or redress payable to the injured parties.
A specialist Cyber Crime or Computer Crime policy can fill most of the gaps except where an accidental loss has occurred (e.g. lost or stolen files/ laptop) in which case a legal expenses policy could pick up the cost of legal representation but as indicated above, may pay consequent fines or penalties or compensation.