• Bluedrop Insurance Guides
  • Cyber Insurance Guide

    Cyber Insurance Guide

    Cyber risks are a serious threat to any business of any size, and with the increased dependence businesses have on IT systems, and evolving risks relating to cybercrime, cyber insurance policies are growing in popularity.

    In fact, in 2016 a UK Government study found that 60 percent of small businesses had suffered a cyber breach costing between £65-115k. Even if you are an SME and your business holds sensitive customer data, relies heavily of IT systems and websites to conduct business, or processes payment card information, then you should be looking into cyber insurance as a priority.

    As many of you will be aware, the new General Data Protection Regulation (GDPR) comes into force in May 2018, raising the prospect of increased fines. This prospect places increased importance on having adequate insurance in place to cover possible data breaches, and data protection has become a hot topic particularly with Directors and Officers who will be keen to ensure robust practices are in place.

    What will our Cyber Insurance cover?

    Cyber insurance covers any first party losses and third-party claims relating to damage to, or loss of information from, IT systems and networks.

    As a business, if IT equipment or systems fail you will be under risk of income loss and business interruption. Whilst some business insurance policies you have in place will cover elements relating to damage, loss or failure, a cyber insurance policy will work alongside these providing financial compensation as well as assistance with managing the incident and reputational damage.

    Most importantly cyber insurance policies should include cover in the instance of a data breach, whereby customer’s personal data is stolen or exposed by gaining access to the electronic network. These expenses will include; notification of costs, credit monitoring, costs to defend claims by regulators, fines and penalties, and loss as a result of identity theft.
    Bluedrop will work closely with your business to customise your policy to the individual needs of your organisation and specific vulnerabilities. How much cover you need will depend on the size of your business and the type and amount of data you manage. We can help to determine what elements will be important for your business.

    Whilst there is no standard underwriting for a cyber insurance policy, our policies can cover the following:

    • Forensic investigation – to determine what happened, how to repair damage and prevent a similar breach in the future.
    • Business losses – financial redress for theft of money, data loss and recovery costs, damage to websites programs or electronic data, and business interruption.
    • Privacy and notification – notifications to customers and other affected parties as required by GDPR.
    • Litigation and extortion – legal expenses, settlements and fines from data protection regulators. Extortion covers ransoms to end extortion as well as fees incurred from recruiting specialist advisors.
    • Reputation protection – PR Services to limit and repair any reputational damage.
    • 24/7 incident response – in the event of an incident it is important to contact your insurer immediately to ensure damage limitation and to begin putting in place your business continuity plans. Our insurers will operate a 24/7 claims line.

    Advice to reduce your risk of cyber crime

    In addition to having concrete insurance in place, as a business you need to ensure you have steps in place to manage your cyber risks and limit the chances of an attack.

    As part of your risk management plan employee education in the form of awareness on security issues is vital. It is important to evaluate your level of risk and assess the potential events that could cause a cyber incident.

    You should invest in up-to-date cyber-protection software and set up boundary firewalls as well as continually scanning for viruses and malware. It is advised that you investigate producing an incident response plan and have procedures in place should an attack take place.

    Consider these 6 steps to cyber security that we have identified for you.

    You may also wish to consider Cyber Essentials Accreditation, which is a standard brought in by the Government in 2014. This is considered a good first step towards becoming more resilient to attack.

    Want to find out more about Bluedrop's Business Insurance?
    Return to guide menu
  • Call our friendly team now for the right insurance cover - at the best price

    01489 222 860

    Calls recorded for training and quality.

    • I have read and accept the Privacy Policy
    • I'd like to receive news & product updates