There are many variables in selecting cyberinsurance and “each of these types of insurance have significant benefits depending on a business’s size, organization, and industry” according to the “Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk” report issued by SurfWatchLabs which included the main types of cyberinsurance coverage from over 50 insurance companies which include legal fees:
- Data breach and privacy management coverage – covers costs associated with managing and recovering from data breaches, including investigation, data subject notification, credit monitoring, and associated legal fees.
- Multimedia liability coverage – covers defacement of websites, media, and intellectual property rights.
- Extortion liability coverage – covers damages incurred from extortion. This could be used in the case of DDoS attacks which demand ransoms, for example.
- Network security liability – covers costs associated with denial of service and third-party data theft.
These short-terms risks to guard against were listed also include legal fees:
- lost data and records management
- lost customers
- financial loss (in the case of theft)
- immediate loss in profits
- notification of those affected by breach
- identity theft protection
- reissuing of compromised cards
- lawyers’ fees
- short term drops in investment
Since 47 (soon to be 48) states require reporting of cyberintrusions, it’s essential that all business be alert to possible intrusions and have the proper insurance coverage.