Smaller companies increasingly are the subject of data
breaches and those smaller companies "are the number-one target of
cyber-espionage attackers," according to a recent study detailed in a April 24,
2013 CFO.com article entitled "Should You Consider Cyber Insurance?" (here).
Smaller companies increasingly are the subject of cyber attacks due to
"inadequate security infrastructure for protecting financial information,
customer data and intellectual property."
As the cyber threats "become more pervasive," smaller
businesses are "taking out insurance policies designed to bolster their
protection form the potentially crippling costs that can accompany data
breaches and other cyber attacks." Take up for this product is, according to
the article, particularly strong for companies in the high-technology,
financial services and health-care industries. As the article explains, these
policies may be particularly valuable for smaller companies that lack the
resources to undertake as robust of a preventive program as a larger company
As the article explains, the policies provide both
first-party coverage (such as notification costs) and also protect against
third party liability claims (such as lawsuits for damages). In a serious
incident, this insurance protection, according to one commentator quoted in the
article "can sometimes be a life-or-death issue for smaller companies." The
policies also cover forensic IT examinations to determine how a breach occurred
and some policies even provide for public relations services to mitigate
negative publicity. Again, these services could be particularly valuable for a
smaller company that may not have sufficient crisis management resources
This type of insurance is of course no substitute for
proactive cybersecurity risk management, "such as sound data-protection
protocols and employee education." In any event, as part of the application
process, the insurance company will want reassurance that these kinds of
efforts and protocols are in place. The insurance provides company owners and
managers reassurance that the company will be able to weather the storm if
problems do emerge.
According to the article, as news about cyber breaches
become increasingly common, more and more companies will conclude that the
cost-benefit analysis weighs in favor or purchasing this type of insurance.
other items of interest from the world of directors & officers liability,
with occasional commentary, at the D&O Diary, a blog by Kevin LaCroix.
For more information about LexisNexis
products and solutions connect with us through our corporate site.