Consider expense and liability exposures when choosing cyber protection

by: Jay Isaacson

Recent lawsuits stemming from high-profile data breaches have no doubt spurred a fair number of discussions in credit union board rooms about cyber breach activity and potential insurance needs. In reviewing your credit union’s coverages, keep in mind that the defense of lawsuits—although they dominate the headlines—may not be your greatest expense if you experience a breach.

Cyber breaches can generate considerable expenses outside of litigation. Insurance can be part of the solution and should complement your credit union’s incident response plan. Fortunately, cyber insurance solutions are readily available today.

Understanding liability exposure
Some insurers have packaged certain cyber liability coverages within management and professional liability policies. If your credit union has this type of coverage, make sure to review the coverage limits and determine whether they’re part of an aggregate limit that includes other types of liability coverage, such as management liability. A liability loss could exhaust your policy aggregate limits and leave you without the cyber protection you thought you had purchased. According to the Ponemon Institute, the average cost of a data breach is $3.5 million1. If it’s bundled under an aggregate limit you may be on the hook for any other liability losses you experience.

Other questions you should ask: Are security breach expenses, such as the cost of conducting a forensic investigation of a breach, covered? If so, what types of expenses are included? Do you have access to breach response experts that can help you assess your exposure and walk you through all the steps needed to manage risks and quickly recover?

A stand-alone cyber liability policy may offer more robust options as they generally provide expanded coverage that goes beyond just basic security breach liability coverage. It also ensures that the limit is solely dedicated to cyber liability claims

continue reading »