What Happens When You Report an Incident to Your Cyber Insurance Provider?

Interest in cyber insurance has grown in recent years as small businesses recognize the prevalence (and costly nature) of online threats. Then again, a lot of business leaders still have unanswered questions about cyber liability insurance: What does it cover? How much does it cost? How can I find the right provider?

These are all great questions, but this blog post will focus specifically on what happens when you report an incident to your provider. If you do not yet have a cyber insurance policy, CyberPolicy is more than happy to set you up with a provider best fit to your company's unique needs.

So, what does happen when you report a data breach or cyberattack to your provider? While it's true that your insurer will walk you through the breach-response process , it's important that you understand the process. Below is a simple roadmap of this process:

  • A revelation of data theft or cyberattack triggers your claim.
  • The policyholder contacts their carrier or agent with a notification about the incident. This should be done immediately.
  • The insurer then launches an investigation to assess the scope and impact of the incident; as well as methods of incursion, first- and third-party impacts and the value of the potential losses.
  • The insurer will provide a forensic and legal analysis. Some may even go so far as to connect the policyholder with a legal representative experienced in these matters.
  • Technical domain experts may contact your IT department to discuss the forensic analysis in depth, and might provide a short list of external agencies to assist in remediation efforts if necessary.
  • Since breach-notification laws exist in 48 out of 50 states, the onus of reporting the security event to law enforcement falls on the policyholder.
  • The insurer will provide the policyholder with a letter outlining the scope of their coverages. You can trust your provider to handle the accumulating costs of the breach or attack and process the invoices that come through.

Once the response portion of the engagement has been completed, policyholders and insurers will shift their focus to defense. Depending on the needs of your organization, this could include handling a class-action lawsuit, managing regulatory fines, limiting income loss or even mitigating damages to your brand reputation.

How to Select a Cyber Insurance Policy

It can be tough to find the right cyber insurance policy if you don't know where to begin. Be sure to ask plenty of questions of your potential provider, including:

  • Do they have experience insuring clients in your industry?
  • Do they offer policies fit to your company's size?
  • Do they provide first-party coverage, third-party coverage or both?
  • Do they offer other forms of insurance as well, or are they are solely dedicated to issues relating to data breach and cyber threats?
  • Are there any exclusions of which you should be aware?

A cyber insurance policy only costs pennies a day; it's a smart investment compared to the high cost of a data breach and cyberattack. Visit CyberPolicy for your free quote today!

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375