10 Sep Cyber Liability – What’s the Risk?
UPDATED 11/28/16 – Cyber security is top of mind and critical to the wellbeing of your organization. The risk is real and growing (as evidenced by the most recent NetDiligence study below). In this RiskTip we want to primarily explore the options available to insure/transfer the risk. There is indeed another key part – managing this risk effectively requires two components: (1) Control and (2) Transfer/Insure. Admittedly, we are not information technology and security experts and the element of “controlling” the risk is best suited for these professionals. The risks must be rigorously identified and controlled but insurance/transfer is also critical as not all exposure can be removed by way of control.
Cyber Liability Insurance is reactive in that it is triggered upon an occurrence of breach or loss of private information. The two primary exposure expenses applicable to a RIA firm, which can reimbursed and/or paid-on-behalf of you, are (1) Crisis Services and (2) Legal Defense Costs. Crisis Services includes forensics, notification, credit monitoring and legal guidance expenses. Proper steps after a breach occurs are critical and most insurance companies connect insureds with a cyber-breach expert to ensure that the severity of the event does not grow due to missteps in handling the forthcoming correspondence. Coverage terms and additional sub-lines of coverage vary by underwriter and can include items such as loss of your own digital assets, non-physical business interruption, regulatory claims, cyber extortion threat coverage, media liability, employee privacy liability and other ancillary lines.
In closing, we think it is important to note what types of claims and expenses are associated with this risk. The NetDiligence 2016 Cyber Liability & Databreach Insurance Claims Study references 176 different insurance cyber claims, brought against various businesses. Here are some key findings of the report:
- The average claim payout was $495k. The median payout was $49k.
- The highest average payout was in the Financial Services sector ($1.3M).
- The average breach cost was $665k. The median cost was $60k.
- The average cost for legal defense was $130k. The median cost was $16k.
- The average cost for crisis services was $357k. the median cost was $43k
- Breaches with few records can be very costly. One event in the dataset involved 1 record with a cost between $1.5M and $2.0M
The good news is that the cyber insurance carrier marketplace has significantly matured over the past couple of years as insurance actuaries have more data to work with and charge accordingly. Minimum premiums are considerably lower than in the past and terms are as attractive as they have ever been.
Golsan Scruggs is an insurance brokerage firm operating throughout the United States specializing in investment advisor E&O errors & omissions insurance (aka professional liability insurance) for RIA registered investment advisors. As one of the largest insurers of RIA firms in the U.S., we have a dedicated staff that understands the risks of the financial services industry and delivers superior results. We make the underwriting process painless.
At Golsan Scruggs, we believe it is incumbent upon us to earn the right to be appointed as your insurance and risk-management agent. Our RIASURE process exists to serve that purpose.
Our RIASURE Review will analyze your fiduciary exposures, provide rate details and comparisons, and provide a contract comparison. No application required.
To obtain your complimentary RIASURE Review, please provide the following information or contact us at (800)273-5883. Fields marked with * are required.