You have a perfectly good CGL, so why buy cyber and privacy liability?

By Michal Gnatek on July 15, 2014

Cyber and Privacy Liability insurance programs have grown in popularity and market share over the past decade as insureds and insurers alike grapple with the mercurial risks associated with interconnected business and supply chain dependency, a dramatic escalation of increasingly sophisticated cyber attacks, and a proliferation of data privacy laws and regulations.

An industry known for embracing paper and shunning change, the P&C market struggles to keep pace with the modern business world, which is full of personally owned mobile and other portable devices, and concepts such as advanced persistent threats, the “Internet of Things”and the “cloud.”

While insurance companies are known for creating bespoke policies to address new risks not initially contemplated within the confines of traditional property and liability policies, insureds are within their right to see how those current programs address 21st century risks.

If only one of Target, Snapchat, Facebook, Google, Twitter, Yahoo!, Adobe, and so on and so forth, had suffered a serious data breach within the last few months that would be sufficiently troubling. Yet data breaches have become so ubiquitous that a single week (if not days) without one hitting the headlines seems almost strange.

By now every organization should appreciate that—no matter how robust and sophisticated its network security is—it remains a vulnerable target for cybersecurity breaches and the host of negative consequences that typically follow, including class action lawsuits (so far, dozens of suits have been filed against Target), substantial breach notification costs, and other “crisis management” expenses, including forensic investigation, credit monitoring, call centers, and public relations efforts, as well as potential regulatory investigations, fines, and penalties. Insurance can play a critical role in addressing cybersecurity risks. But the time to consider insurance coverage for data breaches and other cybersecurity risks is before an organization becomes the next Target.

Read the rest of the paper…

Download: Why Buy Cyber and Privacy Liability When You Have a Perfectly Good Commercial General Liability Program?