Cyber-Related Business Interruption
WHY THIS MATTERS
Cyber insurance coverage for business interruption (aka BI) after a security event is important regardless of your concerns over your data assets. A cyberattack can be financially devastating, threatening the very existence of your business due to a shutdown.
The ninth annual Advisen Information Security and Cyber Risk Management report (in Q4 2019) revealed that survey respondents chose data breach as the number one risk (95%), followed by cyber-related business interruption (94.5%) and cyber extortion/ransom (89%). The 2019 survey illustrates where cyber insurance can bring value. The transfer of cyber-related business interruption risk warrants further analysis.
Some of the industry sectors hardest hit by BI include retail, manufacturing and general services.
Regardless of the size of your business, you will want to seek out an insurance carrier that provides BI. Your company’s ability to bounce back from a cyberattack (in terms of your data assets, customer retention and balance sheet) could depend on it.
Hackers and unauthorized cybercriminals are adept at exploiting weaknesses in networks and computer systems. Your business may be crippled or completely halted via:
- Ransomware attacks that encrypt your data until you pay the ransom (usually in Bitcoin) or decide to have your data restored (with or without backups).
- Distributed denial of service (DDoS) attacks that overwhelm your website’s bandwidth (or that of one of your providers), making it inaccessible to users.
Unfortunately, companies with weaknesses in cybersecurity may not be able to prevent, detect, or mitigate the problem once discovered, which increases the length of business interruption.
Cyber Risk Management Strategy
Here are some action steps for good cyber hygiene:
Create a formal, documented risk management plan that:
- Addresses the scope, roles, responsibilities, compliance criteria and methodology for performing cyberattack risk assessments
- Logs all systems used, their functions, and where data is stored (including backups)
Good cyber defense, including firewalls, anti-virus protection, routers (with default passwords changed), and software updates and patching for operating systems and applications.
Employee cyber risk awareness training
- Malware risk via hyperlinks in phishing emails
- Password update schedules
- Limited access to company data (as appropriate)
- Limited ability to install software
- Videoconferencing security settings and passwords
Comprehensive stand-alone cyber insurance.
Keep in mind that traditional commercial property insurance is not intended to cover cyber-related business interruption after a cyberattack. Cyber insurance addresses this separate exposure to ensure that you have protection from a security event or failure.
Typically, a robust cyber insurance policy covers the policyholder’s net profit before taxes that would have been earned had there been no BI as a result of a cyber event.
BI losses typically include the costs associated with continuing to run the insured’s business, including payroll expenses and the costs to reduce the impact of the income loss (aka extra costs). As under commercial property policies, you need to support the claim with a proof of loss that quantifies it.
Typically, BI under a cyber policy does not include potential lost profits (i.e., unaccrued lost profits), improvements to your technology (i.e., betterment), or reputational harm.
Most BI coverage has a designated waiting period that must elapse before a recovery is possible. Waiting periods essentially replace the policy retention (i.e., deductible) and are stated in a number of hours instead of a monetary value. In some cases, a forensic accountant may be required to provide the quantification, reviewing the insured’s net profit per hour and the company’s financials.
Contingent Business Interruption
Contingent business interruption (CBI), also known as dependent business interruption, reimburses lost profits and extra expenses resulting from an interruption of business at the premises of a customer or supplier.
In other words, security events or system failures outside of your company’s control, say at your internet service provider, are considered CBI. For example, your website may become inaccessible for several hours due to an outage at your web hosting provider.
The need for CBI comes down to:
- How much your company’s operations rely on an outside entity
- How much a long-term computer outage would disrupt your operations
- Whether you have a business continuity plan
- Whether you have identified and documented all potential areas of loss
- How much CBI risk you need to transfer
- Your operational risk transfer to a stand-alone cyber insurance policy is an integral part of your cyber risk management strategy – unless you have the funds to cover losses during your cyber-related business shutdown.
- BI covers costs associated with continuing to run the insured’s business, including payroll expenses and the costs to reduce the impact of the income loss (aka extra expenses).
- CBI typically covers security failure occurring outside of your business. However, system failure coverage (e.g., events not caused by a cyberattack occurring outside of your business) is less common and may have a sub-limit structure.
- Since CBI is less widely covered in cyber policies, you are advised to seek specialist advice and an insurance carrier that provides CBI coverage that suits your business risk appetite.
Reach out to a specialist cyber broker, such as Cyber Armada Insurance, to request innovative and robust cyber solutions appropriate for your needs and cyber risk tolerance. We understand the evolving demands and expectations of cyber insurance clients.
Contact Cyber Armada today to examine how your company faces potential financial losses due to the use of cloud services. Contact us at 888.727.6232.