5 Cyber Risks for Technology Companies
Cyber risks are omnipresent for technology companies, yet one in five tech companies reported not needing cyber insurance coverage because of other preventive measures they take, according to the 2017 Travelers Risk Index.
“Preventive measures alone might not be enough to protect tech companies from a cyber loss,” said Tim Francis, Travelers’ Enterprise Cyber Lead. While the average total organizational costs of a breach now top $7 million,1 the complexity of meeting state and federal regulatory requirements can also be daunting for tech companies in the wake of a breach.
Here are 5 additional risks for tech companies to consider, along with how Travelers CyberFirst insurance can help.
1. Social engineering fraud. Phishing attempts, where employees receive seemingly legitimate emails from trusted sources, like vendors or clients, can lead to employees sending money in error to a fraudster’s bank account.
An optional endorsement to Travelers CyberFirst can cover direct loss of “money” or “securities” directly caused by “social engineering fraud.” Money is defined to include “virtual currency.
2. Business interruption and additional expenses from system failure. Software conflicts due to system updates or other system failure could accidentally shut down your network and lead to lost sales and lost business income.
To protect against this, consider adding first-party coverage for business income loss and additional expenses that are directly attributable to “system failure,” defined as an unplanned or unintentional outage of “your computer or communications network”. This does not include outages resulting from “computer systems disruption.”
3. Security breach notification and remediation expenses. After the theft of sensitive customer data, the costs for notifying customers and providing credit monitoring services can quickly add up. Other costs can include providing a call center to handle customer inquiries.
For reasonable fees, costs and expenses directly attributable to a security breach, and paid by the named insured, Travelers offers reimbursement coverage that can also help customers comply with any security breach notification law that applies to them.
4. Confidential business data breaches. If a hacker steals confidential information such as purchase history or financial records of your customer, many cyber policies may not provide coverage because they apply only to breaches of personal identity information (PII).
Travelers’ CyberFirst Network and Information Security Liability Coverage Form Wrongful Act definition is not limited to PII data, offering policyholders broader protection following a breach.
5. Security flaws and failure to update IT security. If your IT department fails to update security software, it could leave the door open to cyber thieves looking to steal sensitive business data. Some insurers may deny coverage due to failure to adhere to internal computer security protocols, or deny claims because the breach resulted from a failure to adhere to reasonable security standards.
Unlike other policies, Travelers’ CyberFirst does not have a “failure to adhere to your computer security policy” or a “failure to update your IT security system” exclusion.
Other coverages available from Travelers include crisis management service expenses coverage, extortion expenses coverage, contingent business interruption and additional expenses, and regulatory action coverage. Breaches of network and information security can be very costly for high-tech manufacturers. Discuss the range of risks for your business with your agent or broker.
1 Ponemon Institute® 2017 Cost of Data Breach Study: United States
More Prepare & Prevent
Preparation is key to mitigating a potential cyber event. What pre-breach steps can you take?
What is cyber insurance and how does it work? Get the answers and learn about different types of cyber insurance coverage.