Most agencies rely on comprehensive general liability (CGL) insurance to provide protection against property damage, business interruption, workman’s compensation, and the like. The assumption may be that CGL coverage is sufficient for instances of cybercrime. However, that may not be the case.
Data breaches are expensive, and they certainly took their toll on businesses in 2014. According to Forbes, Target has incurred costs in excess of $200 million dollars as a result of last year’s breach, and upcoming litigation may push the total past $1 billion.
According to Inside Counsel, courts have been inconsistent in their rulings as to whether data breaches are covered under CGL insurance. In their recent article on the matter, Inside Counsel reported the following:
Courts have gradually shifted from favoring the policyholders to favoring the insurance carriers. It is therefore important to understand how the courts have recently ruled on questions of insurance coverage for cyber losses. As a result, CGL coverage for data breaches was denied in cases involving Sony and CoinStar this past year, contradicting a court decision the prior year for a major data breach involving a California health organization.
Inside Counsel further reports that, due to inconsistencies in the courts’ policy interpretations, most new CGL polices contain explicit cyber-exclusions and will not provide data breach coverage unless cyber endorsements are selected. As such, companies need to carefully review their policies and confirm that cyber coverage is included.
Furthermore, cyber liability insurance provides a wide spectrum of benefits. In order to obtain cyber liability insurance, the insured is evaluated for cyber risks during the underwriting process. Depending on the risk level, insurers may require the insured to employ additional security measures to protect private customer information as a condition of coverage. It is critical that officers and directors, who are charged with a fiduciary duty to protect company assets, communicate carefully with insurance brokers to ensure the proper insurance product is selected.
For more information regarding cyber insurance, see the Inside Counsel article.
APPLICATION DEVELOPMENT: Blue Mountain Data Systems is dedicated to Application Development and Systems Integration for Federal Civilian Agencies, Document Management Systems that help in the preparation, scanning, indexing, categorizing and quality control of millions of pages of paper documents to electronic format and the Automation of Workflow Processes. Call us at 703-502-3416.