Cyber incidents and attacks, whereby hackers target companies for ransom, to obtain sensitive information, or for other reasons, are a significant and growing threat. In 2021 alone, cyber incidents caused roughly $6 trillion in losses, and the consensus is that the threat of incidents will remain strong. Corporations are increasingly seeking insurance against this risk, but coverage for cyber incidents is still a relatively new and rapidly changing field. In this post, we focus on key considerations for general counsel, chief technology officers and cyber security officers when it comes to cyber insurance and protecting against cyber risk.
Does my company need cyber insurance?
Getting cyber insurance is a unique business decision for each company weighing a variety of factors, but virtually every company faces risks from cyber incidents. Although cyber breaches involving customer or consumer data tend to get the most attention, even companies that collect no sensitive customer or consumer information may fall prey. For one thing, companies may possess private, sensitive information about their employees, including medical or pension information. Moreover, companies may have proprietary information or trade secrets that hackers would want to get their hands on.
In fact, many dangerous and costly cyber incidents actually do not involve the theft of sensitive personal information, because the risk of disclosure of any data of value to a company may be used as extortion leverage. Ransomware can encrypt a company’s data and information systems, and attackers then demand a ransom from the company to restore access. Finally, companies may be targeted as a means of obtaining access to the systems of third parties doing business with the targeted company, which may expose the target to liability to those parties as well as its own incident response and data restoration costs. This explains why the risk is so widespread.Continue Reading Key questions corporate tech, legal, and security officers need to ask when considering cyber coverage