What is Crisis Management Coverage?
This 1st Party coverage reimburses an Insured for costs incurred in the event of a cyber attack or security breach of personal, non-public information of their customers or employees. This includes the hiring of expert legal counsel (typically known as a “breach coach”) to determine the Insured’s obligations under applicable Privacy Regulations, IT forensics to determine the cause and scope of the incident, customer notification and associated credit monitoring (if personally identifiable information has been compromised) and a public relations consultant to help avert or mitigate damage to the Insured’s brand.
What is Data Recovery?
The Data Recovery insuring agreement provides reimbursement to the Insured for costs incurred to determine whether damaged or destroyed computer programs can be replaced, recreated, restored or repaired; and costs to replace such damaged or destroyed software to the form it existed prior to the cyber security breach.
What is Business Interruption and Extra Expense?
The business interruption and extra expense insuring agreement provides reimbursement to the insured for loss of business income (net profit or loss before income taxes) that could have reasonably been earned or net loss that could have been avoided, including the costs of retaining a forensic accountant to determine such amount) resulting from a cyber security breach on the Insured’s network (or under the ownership, operation or control of the Insured) causing a total or partial interruption or deterioration in the Insured’s business operations. There is typically a waiting period of 8-12 hours before the Insurer will start reimbursement. Extra Expenses include reasonable and necessary expenses in excess of the Insured’s normal operating expenses which are incurred to reduce or avoid loss of business income and/or restore business operations.
What is Dependent Business Interruption?
This insuring agreement provides the same coverage as business interruption and extra expense described above with the difference being a cyber security breach occurring on a dependent provider’s network or critical vendor the Insured relies on such as a cloud provider, payment processor or other which in turn, causes a total or partial deterioration in the Insured’s business operations.
What is System Failure?
This coverage is typically provided by endorsement and is a broader trigger for the business interruption and extra expense coverage. This provides for an accidental, unintentional, or negligent act or an error or omission committed by the Insured or the Service Provider in the course of:
(1) data processing, programming, maintenance, service, conversion, modifying, handling, developing, or maintaining Electronic Data or Software; or
(2) operating, maintaining, or repair of Computer Systems, including the collection, compilation, processing, warehousing, mining, storage, or management of data; and the physical theft of hardware, or components thereof, controlled by you on which Electronic Data is stored, by a person other than an Insured, from a premises occupied and controlled by you, which causes a deterioration in the Insured’s business operations.
What is Cyber Extortion and Ransomware?
Expense and payments (including ransom payments (including cryptocurrency) if necessary) to a third party to avert potential damage threatened against the Insured such as the introduction of malicious code, system interruption, data corruption or destruction or dissemination of personal or confidential corporate information.