Nov 15, 2013

Banks Face Huge Costs in the Event of a Data Breach

Alert | Banking Alert


Earlier this year, a study on the cost of data breach incidents by the Ponemon Institute noted that organizations, including banks, could be on the hook for millions of dollars in losses, fines and potentially even consumer fraud charges in the event of a data breach.[1] The Ponemon study further found that the per capita cost for data breaches in the financial industry averaged $254, well above the overall mean of $188 for all industry classifications. The study points to the heavier regulation of the financial sector as one reason for the increased cost per capita.[2]

Given the potentially disastrous costs involved in a data breach incident, so-called “cyber insurance” is becoming less a luxury and more a necessity for the banking industry. Cyber insurance can help a financial institution respond to a cyber-attack or a data breach and fill in the gaps in a bank’s traditional liability and business insurance policies, which may typically only cover the physical losses and direct costs from incidents such as robberies, fires and lawsuits. Commercially available cyber insurance policies run the gamut, both in price and in coverage, but a comprehensive cyber insurance policy should cover:

  • Crisis management and customer notification expenses
  • Privacy and security liability
  • Legal defense and penalties
  • Computer forensics investigation

As with any type of insurance policy, there are policy conditions, so a thorough understanding of all policy terms is a necessity for any bank that undertakes to insure itself for cyber-attacks and data breaches.

Cyber insurance, when combined with appropriate property casualty coverage for physical damage exposure to equipment, data and media, a comprehensive financial institution bond and director and officer (D&O) liability coverage, offers financial institutions a comprehensive risk management solution when dealing with a cyber-attack and/or data breach recovery incident.

Cyber insurance policies are an important risk mitigation tool for banking institutions. For further information on the protections and limitations of such policies, please contact Mark D. Belongia at 312.582.1605 or mbelongia@ralaw.com.

 

[2] Op. cit., page 6.
