22 Jun Cyber Liability Insurance
Cyber security is top of mind and critical to the viability of your organization. In this RiskTip we want to primarily explore the options available to insure/transfer the risk. There is indeed another key part – managing this risk effectively requires two components: (1) Control and (2) Transfer/Insure. Admittedly, we are not information technology and security experts and this subject is deep and wide. The element of “controlling” the risk is best suited for these professionals and many articles have been written addressing this area. Again, the risks must be rigorously identified and controlled but insurance/transfer is also critical as not all exposure can be removed by way of control.
Cyber Liability Insurance, as is all insurance, is reactive in that it is triggered upon an occurrence of breach or loss of private information. The two primary cyber events we see occur within RIAs, which can reimbursed and/or paid-on-behalf of you, are (1) Crisis Services and (2) Cyber Legal Liability. Crisis Services includes forensics, notification, credit monitoring and legal guidance expenses. Proper steps after a breach occurs are critical and most insurance companies connect insureds with a cyber-breach expert to ensure that the severity of the event does not grow due to missteps in handling the forthcoming correspondence. Legal Liability coverage is critical should a negligence or breach of duty suit be brought against you and is there to fund your attorney fees and other defense related costs.
There are certainly additional exposures that can be covered by cyber insurance. Coverage terms and additional coverage parts vary by underwriter but often include items such as loss of your own digital assets, non-physical business interruption, regulatory claims, cyber extortion (ransomware) coverage, media liability, employee privacy liability and other ancillary lines.
In closing, we think it is important to note what types of claims and expenses are associated with this risk. 2019 NetDiligence Professional Services Spotlight references 155 different insurance cyber claims, brought against various Professional Services businesses. Here are some key findings of the report:
- The average total breach cost was $162K.
- The median cost was $45k.
- The average cost for legal defense was $33k. The median cost was $16k.
- The average cost for crisis services(post breach) was $108k.
- Ransomware was the most common cause of loss, accounting for 20% of claims over the past 5 years.
While the above data is from the most recent NetDiligence study specifically directed at professional services firms, we know that losses have increased in dollar severity and frequency over the past 18 months and are not showing signs of slowing down. As a natural result, the cost of cyber insurance is increasing significantly with many renewals showing 20% to 50% rate increases so far in 2021.
Golsan Scruggs is an insurance brokerage firm operating throughout the United States specializing in investment advisor E&O errors & omissions insurance (aka professional liability insurance) for RIA registered investment advisors. As one of the largest insurers of RIA firms in the U.S., we have a dedicated staff that understands the risks of the financial services industry and delivers superior results. We make the underwriting process painless.
At Golsan Scruggs, we believe it is incumbent upon us to earn the right to be appointed as your insurance and risk-management agent. Our RIASURE process exists to serve that purpose.
Our RIASURE Review will analyze your fiduciary exposures, provide rate details and comparisons, and provide a contract comparison. No application required.
To obtain your complimentary RIASURE Review, please provide the following information or contact us at (800)273-5883. Fields marked with * are required.