IS YOUR COMPANY COVERED IN CASE OF CYBERATTACK? By Ken Cooper, Director, Operations & Risk Strategy
In today’s digital age, the threat of cyberattacks looms large over businesses of all sizes. From data breaches to ransomware attacks, the potential for economic loss and reputational damage is real and growing by the day. Today, cyber risk involves much more than protecting personal information – it has evolved and can lead to business interruption or, in many cases, complete business shutdown. Take United Healthcare (UHC), for example. One of their subsidiaries, Change Healthcare, was hacked Feb 21, 2024. According to reports, data obtained by the ransomware group during the breach was posted to the dark web on April 15, 2024, compromising the personal and protected health information of millions of patients; the compromised data also include contracts and agreements between Change and its clients. Change took their IT systems offline after the cyberattack, leading to widespread claims processing delays across the U.S. Preliminary estimates are that the breach will cost UHC up to $1.6 billion. In part due to these types of prominent cyberattacks, many organizations across virtually every industry sector, including agriculture, now recognize cyber insurance as a crucial part of their risk management strategy. However, the market is still evolving, and rapidly at that, with insurers continually refining their offerings to keep pace with emerging cyber threats and regulatory changes. Types of Events Covered by Cyber Insurance While cyber insurance policies vary, typical covered events may include: • Data breaches involving sensitive customer information • Ransomware attacks and other forms of malware • Denial-of-service (DoS) attacks that disrupt network access • Business email compromise (BEC) and social engineering scams • Insider threats and employee negligence leading to data breaches • Legal and regulatory fines resulting from non-compliance with data protection laws Types of Cyber Insurance Coverage Cyber insurance policies vary widely in terms of coverage, limits and exclusions. However, they typically fall into one of several broad categories: • First-Party Coverage : This covers direct costs incurred by the policyholder because of a cyber incident.
This may include expenses related to data breach response, such as forensic investigations, notification of affected individuals, credit monitoring services and public relations efforts. Additionally, first-party coverage may reimburse businesses for lost income and extra expenses resulting from a cyberattack, as well as the costs of restoring data and systems. • Third-Party Coverage: This protects the policyholder against claims and lawsuits filed by third parties, such as customers, vendors or regulatory bodies, alleging harm or damage resulting from a cyber incident. Third-party coverage typically includes liability for privacy breaches, network security failures, and media liability arising from defamation, copyright infringement or other content- related issues. • Cyber Extortion Coverage: With the rise of ransomware attacks, many cyber insurance policies now include coverage for extortion payments and related expenses. This can help businesses negotiate with cybercriminals and mitigate the financial impact of ransom demands. • Business Interruption Coverage: This compensates policyholders for income lost due to a cyber incident that disrupts their operations. Business interruption coverage may also include reimbursement for extra expenses incurred to minimize the disruption and expedite the restoration of normal business operations. • Cybercrime Coverage: Some policies offer coverage for financial losses resulting from fraudulent electronic transfers, social engineering scams or other forms of cybercrime. As cyber threats continue to evolve in sophistication and frequency, cyber insurance has become an essential tool for businesses to mitigate the financial and reputational risks associated with cyber incidents. However, navigating the complexities of the cyber insurance market requires careful consideration of coverage options, policy terms and exclusions. Businesses should work closely with experienced insurance brokers and cybersecurity professionals to assess their risk exposure, identify appropriate coverage needs and select cyber insurance policies that align with their risk management objectives. By investing in robust cyber insurance coverage, organizations can better protect themselves against the potentially devastating consequences of cyberattacks in an increasingly digital world. Western Growers Insurance Services is a full-service insurance brokerage offering a suite of insurance products and tailored risk management solutions to agribusiness and related industry members. For more information or assistance, please contact Ken Cooper, Director of Risk Strategy for Western Growers Insurance Services, at kcooper@wgis.com.
13 Western Grower & Shipper | www.wga.com July | August 2024
Made with FlippingBook flipbook maker