What CIOs Need To Know About Cyber Liability Insurance

• Media Liability: These are advertising injury claims such as infringement of intellectual property, copyright/ trademark infringement, and libel and slander. Due to the presence of the internet in businesses today, technology companies have seen this coverage migrate from their general liability policy to being bundled into a media component in a cyber policy (or a separate media liability policy). Coverage here can extend to offline content as well.

• Network Security: A failure of network security can lead to many different exposures, including a consumer data breach, destruction of data, virus transmission, and cyber extortion. Network security coverage can also apply if you’re holding trade secrets or patent applications for a client, and that information is accessed due to a failure of your security.

• Privacy: Privacy doesn’t have to involve a network security failure. It can be a breach of physical records, such as files tossed in a dumpster, or human error such as a lost laptop, or sending a file full of customer account information to the wrong email address. Companies have also faced liability from returning a photocopier with a hard drive that contained unwiped customer tax records. A privacy breach can also include an action like wrongful collection of information.

While it has some very clear benefits, having cyber liability insurance is not an excuse to have poor cyber security solutions in place, just like having auto insurance doesn’t give you license to drive recklessly. Cyber insurance is not about transferring the responsibility of securing your organization to an insurer; CIOs must still be in compliance and have standard safeguards in place.

Regardless of your cyber liability insurance policy, remember these simple security practices:

• Write and put in place a data breach response plan in the event of a breach
• Conduct an external penetration test to highlight potential areas to address
• Keep all your systems and software patched up
• Implement strong access controls to reduce the use of stolen credentials
• Have security controls in place that will reduce your CLI premium and strengthen your security posture

As a CIO, you will want to demonstrate to your insurer that your organization did all that it could to protect itself and its assets effectively. Cyber liability insurance is no substitute for security best practices.

Founded in 2005 and based in Irvine, California, SecureAuth with over 540 customers worldwide, provides multi-factor authentication, single sign-on, adaptive authentication, and self-service tools.