CYBER INSURANCE

  • 41% of Irish Firms surveyed experienced at least one cyber-attack between September 2019 and February 2020. (Source : Hiscox Cyber Readiness Report 2020)
  • Currently 38% of Irish Businesses surveyed for this report had standalone cyber insurance cover. 62% don’t.
  • Small and mid-sized companies are just as exposed to Cyber Attacks as large firms. 43% of UK companies employing 1-9 staff reported a cyber attack in 2019.
  • From the survey, of the 125 Irish companies that suffered a cyber-breach, the median cost involved was €91,860.
Make sure you protect your business with the right level of Cyber liability insurance

WHY DO I NEED CYBER INSURANCE COVER?

In 2020, the bottom line is that all businesses, regardless of size, are increasingly exposed to cyber-attacks, cyber-crime and data breaches. We all use computer systems to run so many aspects of our business. We connect seamlessly to our banks, our customers and our suppliers. Electronic processes and digital interaction at all levels are a huge part of our daily operations. Cyber Insurance cover is now a "must have" cover – similar to how we protect our assets from the likes of theft or fire.

A good Cyber Liability Insurance Policy will provide you with First and Third Party Cover.

The Third Party Cover will cover the defence you could need to make and compensation you may need to pay any customers or employees who take an action against you as a result of a Cyber Attack.

The First Party Cover is just as important because it covers you, the policyholder. You will need expert help as soon as the attack comes to your attention. Your policy will provide you with external consultants to help you get through all stages of your Cyber Breach/Attack. This will include a team of forensic experts who can establish the source of the breach, whether the breach is still occurring - and notify the affected parties. Most likley these will be your clients or employees as well as the Data Protection Office in line with GDPR regulations. If you have been subjected to a Ransomware attack, your insurer will negotiate with the hackers on your behalf, pay the ransom, get your systems decrypted and/or install from previous back-ups.

HOW REAL OF A THREAT IS CYBER ATTACK?

Very real! We’ve already highlighted the 41% of Irish firms suffering a cyber-attack. The statistics from the UK are also very informative. In all likelihood, we face a similar level of threat here in Ireland

  • 88% of firms in the UK have suffered a Cyber Attack in the past 12 months*
  • While most attempts fail, the sobering reality is that a small business in the UK is successfully hacked every 19 seconds*(2018).
  • 37% of UK companies have reported a Data Breach to the Information Commissioner’s Office in the past 12 months*
  • There are around 65,000 attempts to hack small to medium sized businesses in the UK every day. Around 4,500 are successful*
  • Small businesses are particularly vulnerable to phishing attacks due to lack of cyber training and awareness among staff.

*Sources - CSO IDG Communications (UK Cyber Security Statistics), Hiscox Insurance and VMware Carbon Black

WHAT’S TYPICALLY COVERED UNDER CYBER INSURANCE?

Data Breach

Cost associated with notifying the authorities and the affected persons, investigating the incidents, taking measures to contain the damage and recover the data, as well as fines and court costs.

Cyber Crime - Ransomware

In return for decryption, the hackers/criminals demand a ransom, usually in the form of crypto currency. Your policy will provide you with a team of experienced experts to help you navigate this negotiation.

Cyber Crime - Email Attack

Attacker gets a business email address and uses it to defraud the company, its customers or its employees. Again, your cyber insurance policy will provide you with a team of experienced experts to source the breach, stop the breach, notify the affected parties and the regulator as well as covering the cost of fines and any defence required.

Business Interruption

Loss of income or revenue as a result of damage to your reputation and your operational outage – i.e. your business being shut down or suspension of trading for a period.

Risk Prevention

Your insurance company will offer support to help you manage cyber risks to your business. This may happen online, during on-site visits to your business premises or on-demand.

Third Party Liability Costs

Third party liability costs are typically compensation costs payable and defense expenses incurred should you be deeemd to be liable .These could include, but are not limited to, customers, suppliers and employees.

WHAT LEVEL OF COVER DO I NEED ON MY CYBER INSURANCE POLICY?

We recommend that you have a policy that provides sufficient cover should the worst happen. That limit can be as low as €250,000 and as high as €5 million. Obviously, the higher the limit, the higher the premium. You will notice, when you receive your policy document and schedule, that the limit will be in the Aggregate. This means that the limit of indemnity( your sum insured) is the total amount that an insurer will pay out during the course of the insurance year for multiple claims. In other words it's the maximum that can be paid out in any one year.

To illustrate, say you had a phishing attack that left a data breach. This claim will activate a number of sections of cover. It will activate the Liability Section since you will have had a data breach – and the consequential compensation payments that may arise. There may be regulatory proceedings which may result in a fine. You will also be activating the Breach Response section to get assistance with the breach notification, public relations, IT/Computer and legal challenges. The Business Loss section may also be activated since you may experience loss of income and reputational damage.

All of the costs incurred under each section will be paid - subject to the limit of your cyber insurance policy.

We will help you choose the most appropriate level of cover for your business.

THERE ARE SO MANY CYBER INSURANCE POLICIES. WHICH ONE DO I PICK?

The whole cyber insurance environment can be difficult to understand. It’s changing so rapidly. It follows that it can be difficult to know what insurance "must have" cover you need and exactly how much of it. That’s where good advice comes in. As your broker, we can assess your exposure and agree the right cyber insurance solutions with you. And remember, we can tailor your cyber protection to the size and scope of your business – whether operating retail outlets such as a hairdresser, a pharmacy or larger concerns such as transportation, logistics or manufacturing facilities.

The following will give you some idea of what to watch out for:

  • Insufficient Limits or sum insured on your policy
  • Limited Cover – e.g. no cover for Business Interruption
  • No Specialist Data Breach Services provided e.g. Forensic consultants,legal experts etc
  • No Risk Prevention or Risk Management services provided

GUIDE

Protecting your business against Cyber Attack

READ GUIDE
Protect your business from a cyber attack with the right level of cyber insurance from OCI.ie

GUIDE

The Cyber Terms you need to know

READ GUIDE
All the cyber insurance terms that you need to know

OUR CYBER INSURANCE SPECIALISTS

Rachel Dixon – Our Cyber Insurance Agent

RACHEL DIXON

Caeva O'Callaghan – Our Cyber Insurance Agent

CAEVA O'CALLAGHAN

Caroline McArdle – Our Cyber Insurance Agent

CAROLINE MCARDLE