The Expert Podcast

 Introduction
  • Discussing the necessity of cyber liability insurance for individuals and businesses.
  • Understanding the lack of legal requirements for cyber liability insurance.
General Exclusions in Standard Policies
  • Most standard insurance policies have exclusions for cyber losses.
  • General liability policies often exclude coverage for data breaches and cyber attacks.
  • Errors and Omissions (E&O) policies may exclude cyber-related damages.
Evaluating Cyber Liability Insurance
  • Differences in coverage: No standard cyber liability insurance policy exists.
  • Importance of verifying coverages specific to your needs.
  • Surplus lines policies: Custom terms and conditions from each insurance company.
Business Dependence on Cyber Systems
  • The widespread reliance on computer systems in various industries.
  • Examples of cyber dependency: customer management systems, e-commerce, payroll, and manufacturing systems.
Third-Party Cyber Risks
  • Coverage considerations for third-party dependencies.
  • Impact of suppliers’ cyber issues on your business.
  • Need for coverage when your system compromises customer information.
Industry Requirements and Contracts
  • Certain industries may have licensing requirements mandating proper coverage.
  • Contractual obligations that indirectly necessitate cyber liability insurance.
Working with Insurance Professionals
  • Importance of consulting with an experienced insurance agent or broker.
  • Assessing current coverage, identifying gaps, and determining the value of cyber liability insurance.
  • Possible prerequisites for obtaining cyber coverage, such as implementing protective measures.
Conclusion
  • While not legally required, cyber liability insurance can be crucial for mitigating risks associated with cyber threats.
  • Ensuring comprehensive protection for your business and clients by securing the appropriate coverage.
If you have questions or want to delve deeper into today's topics, visit at RiskCovarage.com for additional resources. Until next time, stay insured and stay informed!

What is The Expert Podcast?

The Expert Podcast brings you firsthand narratives from experts across diverse industries, including private investigators, general contractors and builders, insurance agencies, vehicle specialists, lawyers, and many others.

Do you need to have cyber insurance or cyber liability insurance? Is this a type of coverage that is required for you or your company? Well, in most cases, there's no law that requires you to have cyber liability insurance, whether you're an individual with personal lines or a business with commercial lines coverage.

However, most insurance policies that are carried by a company or an individual have exclusions for certain cyber losses. If you're a company and your server is hacked and somebody deletes all your data, normally that's an exclusion from coverage under your general liability insurance policy. If you have somebody that infiltrates your system and creates damage for your customers, many times that's an exclusion from coverage under your E&O policy, or errors and omissions policy. Again, check your policy. We're not saying every policy is this way, but in general, you want to verify that your policy has these exclusions.

So does that mean you need to buy this coverage? Well, the first question is, what would a cyber liability policy cover? A cyber liability policy is not the same for every company. It's not the same in every state. There's no standard cyber liability insurance policy. There are many different types. In fact, most cyber insurance policies are considered what's called surplus lines policies, meaning that there's no standard form filed with the state. Each policy is set up with terms and conditions by the insurance company that writes it.

You want to look at any policy you purchase and make sure the coverage is what you want. In fact, you probably want to verify that if you want certain coverages, the agent confirms in writing that your particular cyber policy has those coverages because they are all different from one another.
Now, a lot of businesses think that they need to get one only if they're in the technical or computer industry, but most companies are now very computer dependent. You probably have a customer management system. You may have platforms you use to integrate with your suppliers or your customers. You may have an e-commerce system that bills your clients or customers. Many times, your internal software, your payroll, and your manufacturing systems are all part of different programs that run your business. That's all technical. That's all cyber. If it's connected to the internet, it's possible that a bad actor, a hacker, or a cybercriminal can attack it, and if it does damage, you may or may not have coverage.

In addition, you want to determine whether or not you need to have coverage for third parties or from third parties. If you're a company that relies on a supplier and that supplier has a computer problem, whether or not it's a cyber attack, ransomware, or their system goes down, would that affect your business? What if you can't buy your supplies from that company for 30 days while they fix their system? Do you have coverage for that third party? Not every policy covers that.
What about if your system gets hacked and it affects your customers? Maybe their information will be released. You want to make sure that if you want this, your coverage will extend to that. Not every policy does.

So, while there's no law that says in most cases you need to have cyber liability, many times licensing for certain industries or your contracts might specify that you have proper coverage. It may not specify cyber coverage, but it may require you to have proper coverage for you, your clients, and your customers.

Work with a good agent. Make sure that your insurance agent or broker gives you a breakdown of what you currently have coverage for, where you may have gaps, whether or not cyber liability insurance would be valuable for your business, and what you would have to do to qualify. Not every business would qualify for it. You may have to put some policies in place to protect your system first before you're eligible for cyber coverage.