Cyber insurance, also known as cyber liability insurance or cyber security insurance, is a contract that an entity can purchase to help reduce the financial risks associated with running an online business. In exchange for a monthly or quarterly fee, an insurance policy transfers certain risks to the insured.
Given the dynamic and fluctuating nature of relevant cyber risks, cyber security policies may change from month to month. Unlike well-established insurance plans, cyber insurance policy insurers have limited data to formulate risk models to determine insurance policy coverages, rates and premiums.
Basics of Cyber Insurance
Cyber insurance emerged in the late 1990s as a result of increasing reliance on technology and increasing cyber threats. Initially, it focused on data breaches and cyber attacks, but over time it expanded to cover a wide range of cyber crimes, including ransomware, cyber extortion, social engineering attacks, system failures, and business interruptions due to cybersecurity incidents.
Cyber insurance has its origins in errors and omissions (E&O) insurance, which is a stand-alone insurance that protects against failures and errors in services provided by a company. E&O insurance is similar to product liability policies for companies that sell physical or digital products. While some cyber insurance policies have specific provisions for E&O, most providers sell them as separate and distinct policies. E&O insurance does not cover loss of third party data such as customer credit card numbers; Customers who need such protection can purchase a cyber insurance policy that includes it.