One of the top issues facing business today is the risk of business interruption resulting from a cyber-related attack. Regardless of the form of attack – ransomware, denial of service, data theft, or other form of malware – any resulting failure of an organization’s network systems can have severe consequences, financial and otherwise. These may include loss of productivity, lack of or impaired access to websites, and, importantly, loss of sales or income.
Given the potential for significant losses, a strategy for calculating and minimizing losses, and maximizing insurance recoveries for damage from a business interruption should be part of every organization’s cyber incident response plan. Because every business is unique, there is no “one size fits all” plan that will neatly apply to all businesses or to all business interruption claims. Nevertheless, certain best practices exist and can be applied and adapted to individual businesses to facilitate an efficient and effective response to a cyber-related business interruption.
1. Know your insurance coverage
The first step to maximizing recovery for business interruption is understanding the coverage provided under the applicable insurance policies. Many stand-alone cyber liability insurance policies provide coverage for lost net profits and mitigation costs, and may also cover continuing expenses, such as employee salaries, resulting from a cyber incident. However, there are also certain limitations to such coverage common in most cyber policy forms, even though they are far from standardized. For example, most business interruption coverage includes a waiting period of a certain number of hours before coverage begins. The length of that waiting period can be critical as losses attributable to the business interruption may continue to grow until the network system and level of service has been fully restored. Insurers also may limit the “period of interruption,” the period of time for which the policy will pay for losses. Depending on the policy language, coverage may end before operations are fully restored.
It is important to understand these limitations when purchasing cyber insurance and to obtain the insurance that best fits the needs of your business. For this reason, we recommend involving insurance coverage counsel to assist in the insurance placement and renewal process.Continue Reading Responding to a cyber-related business interruption: best practices