Cyber insurance coverage checklist: Ensure you’re covered for these 5 common cyber exposures

by Michael Carr.

Cyber crime can take a variety of forms — and we know that no company is too small to be an enticing financial opportunity for threat actors. Common types of cyber crime today include hacking, social engineering, fund transfer fraud, and ransomware. According to Coalition’s H1 2021 Cyber Insurance Claims Report, the frequency of these types of incidents reported for organizations with under 250 employees increased 57% from the first half of 2020 to early 2021, and this trend has only continued.

Also, as more businesses support hybrid work models and businesses move more of their operations to the cloud, cyber criminals are finding additional and unique ways of infiltrating company networks — easily.

That’s why it’s more important than ever for businesses to take the time to understand and evaluate cyber risk and secure the right cyber insurance coverage to protect their business assets.

Your cyber risk coverage checklist

Cyber insurance is not designed as a one-size-fits-all, unlike other standard business risk policies, such as General Liability and Property. For example, Coalition offers a menu of different coverages that can be chosen to address an insured’s unique risks and exposures. Having coverage that addresses your company’s specific risks is the key to smart and effective coverage.

Whether you are evaluating the adequacy of your current cyber coverage or in the market to add cyber coverage insurance, you should keep in mind the following five key cyber risks:

✅  Cyber extortion (i.e. ransomware remediation) — The impact of ransomware on businesses has grown significantly since the onset of the pandemic. The average ransom demand made to Coalition policyholders in the first half of 2021 was $1.2 million. Paying such an exorbitant fee often proves untenable for many businesses. Coalition’s cyber insurance not only includes coverage for ransomware losses, but if selected by an insured, Coalition Incident Response (CIR) can assist with the forensics investigation and work to mitigate the risk and exposure to your business.

✅  Funds transfer fraud — One of the easier ways to monetize cyber crime is through funds transfer fraud (FTF), which is often perpetuated through social engineering techniques like phishing or business email compromise (BEC). Once criminals have access to your business mailbox, they can manipulate your contacts and modify payment instructions, sometimes without even triggering any security alerts. Coalition saw a 28% increase in FTF claims in 2021 from previous years. Coalition’s FTF coverage can cover incidents where a cyber criminal misdirects funds. Our claims team will also work with law enforcement and the appropriate financial institutions to attempt to retrieve the funds.

✅  Cloud vendor risk — Businesses that rely on cloud vendors to store company documents often provide these vendors with access to sensitive customer and employee data, including personal information. In many cases, they also rely on these vendor platforms to conduct critical functions, including processing the company’s accounts receivable, storing critical data (e.g., medical or financial records), and facilitating employee data. Should one of these cloud vendors experience a cyber incident, it can be costly to all of the businesses that rely upon the vendor’s platform. Specifically, companies could be exposed to privacy claims, regulatory fines, and other business interruption costs, including lost income and extra expenses to get their operation back up and running. As many as 30% of businesses say they consider their platform and system vendors a risk in the event of a data breach, as reported by Riskrecon. Even if your third-party vendor has cyber insurance, your contract with them may limit their liability to you. Coalition’s Network and Information Security Liability (NISL), Regulatory Defense and Penalties coverage, all insuring agreements on the same policy, help transfer your third-party liability risk. In addition, our Business Interruption and Extra Expense coverage address first-party losses from reliance on cloud vendors.

✅  Emerging digital risks — Two of the latest emerging digital risks include service fraud (also known as crypto jacking) and bricking. These tactics can be devastating for businesses and are usually not covered by a general cyber policy. Coalition’s Service Fraud endorsement covers the direct financial losses an insured faces when charged for fraudulent use of cloud-and internet-based services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Network as a Service (NaaS), IP Telephony and more. Coalition’s cyber insurance coverage offers Computer Replacement (also known as bricking) coverage, addressing the growing gap between a business’s general cyber coverage and property policy.

✅  Cyber incidents that impact physical risk — As digital infrastructure becomes more advanced and integrated into your business operations, the boundary between cyber and physical security has become increasingly blurred. For example, a cyberattack on a medical organization’s network could impact the health and safety of patients undergoing treatment by disrupting the connected medical devices. Likewise, a manufacturing company’s operations could be shut down entirely if connected machinery is attacked and cannot be accessed, such as in a ransomware attack, or destroyed with malicious commands sent to the machinery, causing it to perform unwanted actions. General liability (GL) policies typically do not cover physical or non-physical risks arising from cyber attacks. Coalition offers three key cyber coverage endorsements to help bridge the gap between your GL and cyber coverage when it comes to physical security. First-party Bodily Injury and Property, Third-party liability for Bodily Injury and Property, and Third-party Pollution coverage all protect your organization from cyber threats that translate to physical impacts.

Protect your business: Get insured

Cyber insurance is a key factor in addressing and mitigating these new and ever increasing cyber risks, and can really save your business time and money if it’s ever the target of a cyber attack.

Coalition offers a wealth of resources to help businesses implement good cybersecurity practices, including our Cybersecurity Guide, which outlines the key tenets of a cybersecurity program — a critical factor in reducing your organization’s cyber risk.

For questions about Coalition’s claims process or to be connected to a broker, reach out to our team.

Are you a broker interested in offering Coalition cyber insurance to your clients? Click here to get appointed.