Does Cyber Insurance Cover Costs of Investigations After Attack?
Caeva O'Callaghan | February 11th, 2021
You know your business needs cyber insurance to protect your systems and data. But after your business is hacked, will your policy help you cover the costs of investigating what happened?
Yes, it does. When you have a cyber insurance policy, your business will be covered for most or all costs associated with a data breach or cyber attack.
This will include the cost of investigative measures that need to be taken to ascertain the origin of the breach, how much data was compromised, and how to move forward.
In this article, we’ll cover the following questions:
- What does cyber insurance cover?
- Do I need to be investigated after a cyber attack?
- Will my cyber insurance cover the cost of a cyber attack investigation?
There are many different types of cyber attack, but one thing they have in common is that they are unwanted, damaging, and require investigation.
What to do after a data breach
Your cyber insurance policy should extend to cover the overall financial impact of the incident. This could include loss of business, as well as regulatory fines. But it should also cover costs that extend beyond the duration of the cyber attack itself – such as finding out why it happened, and preventing a repeat occurrence.
The indemnity period is the length of time for which compensation is payable under a business interruption policy. This could mean the period during which the income of the business is affected by the cyber event subject to the number of months shown in the schedule. Or, it may mean the period of reinstatement of services affected by the cyber event. You will need to check your cyber insurance policy to make sure.
The typical maximum indemnity period in cyber insurance policies is 3 months. This reflects the short duration of most cyber attacks, and makes it important that you act as soon as possible after you realise a data breach has occured.
First, determine the kind of attack that happened and find out what data was compromised. After that, you should inform the Data Protection Commission as soon as possible that an attack occurred. Then, notify your cyber insurance and they will help you take the next steps.
Investigating a cyber attack
The investigative measures and associated costs will vary widely across businesses and types of cyber crime. In all cases, the origin of the attack must be determined, along with motive, the amount of data that was leaked, as well as the identities of the criminals responsible.
Cyber crime is a rapidly growing area of criminal investigation. Ireland is home to Europe’s largest data centre cluster, ahead of the traditional markets of London and Paris. As a result, the industry has grown in expertise and reputation, which while good for the economy and the country, is rapidly attracting attention from individuals with unsavoury motives. Over 69% of surveyed organisations were hit by cybercrime in Ireland in 2020, which is double that (34%) experienced in other countries.
As companies strive to combat the challenges posed by COVD-19, cybercrime – and the specialised units dedicated to investigating it – are growing. More employees are working remotely, and more digital devices and software are being utilised and distributed by companies who, caught out by a sudden acceleration in the pace of change and in the face of new obstacles, will struggle to implement adequate employee training and security measures.
This is why cyber security will only get more widespread – but the good news is, so will more expert help become available. In fact, the global cyber security market size, estimated at $167.13 billion in 2020, is expected to grow at a compound annual growth rate of 10% to reach $326.36 billion by 2027.
This means that it’s getting easier to find the professional services you need to get your business back on track after cyber crime.
What does cyber insurance pay for?
When it comes to investigating a cyber crime, there are as many ways to do it as there are types of security breach. Each one demands a different set of methods and avenues to explore to bring the culprits to justice.
In the event of a data breach, your cyber insurance will go towards the costs associated with notifying the authorities and the affected persons, investigating the incidents, taking measures to contain the damage and recover the data, as well as fines and court costs.
In the event that your organisation is hit by ransomware, in which criminals demand compensation in return for the decryption of sensitive data, your policy will provide you with a team of experienced experts to help you negotiate its release.
Your cyber insurance will not only help recover and protect your data, but will also aid in tracking down those responsible. When you make a claim, you make it harder for criminals to get away with their deeds and help stop it happening to someone else.
Confused about anything related to cyber insurance? Please feel free, to give us a call today, and talk to our expert cyber liability agents. They will guide you through all the options available for your business.
All Information in this post is accurate as of the date of publishing.