Security risks are out there whether your Microsoft Dynamics applications are on premise or in a hosted environment. Some of these IT risks, which include identity theft, security breaches, a hacker shutting down a network, theft of valuable digital assets, introduction of malware, worms and other malicious computer code, or human error, are presumed to be covered by the cloud hoster. In reality, however, relying on the cloud hoster’s insurance could leave insurance gaps open for your business. In order to prevent these gaps from occurring, you might need cyber liability insurance to protect your business.
What Is Cyber Liability Insurance?
As the market for cyber liability insurance continues to evolve, it is expected to grow dramatically over time as businesses gradually become more aware that current business policies do not adequately cover cyber risks. (Source: NAIC) With each announcement of a system failure or breach leading to a significant business loss, the awareness grows. Most companies only take action once they experience an issue and then address the particular vulnerability that was exposed. This has led the government to step in with legislation that adds pressure for business to step up efforts to protect the personal customer information in their possession.
Reviewing Insurance Policies and Controls
Once companies start using cloud-based applications, they must first look to adapt a strong vendor management policy to ensure their company is adequately protected from risk. After examining the controls, a company may want to adjust contract language or supplement the solutions with additional services. Companies using cloud-based applications should look closely at their existing insurance because many companies don’t realize that the hoster’s insurance does not protect the customer, it protects the hoster. To ensure a company has adequate protection, they must perform a comprehensive review of their insurance policies to address their IT risks.
Purchasing Cyber Liability Insurance
Most businesses are familiar with their commercial insurance policies providing general liability coverage to protect their business. However, most standard commercial lines policies do not cover many of the common cyber risks. Policies for cyber risk are more customized than other risk insurers taken on, and, therefore, more costly. The type of business operation will dictate the type and cost of cyber liability coverage. The size and scope of the business will play a role in coverage needs and pricing, as will the number of customers, the presence on the web, the type of data collected and stored, and other factors.
What Should a Policy Include?
According to the National Association of Insurance Commissioners (NAIC), cyber liability policies might include one or more of the following types of coverage:
- Liability for security or privacy breaches. This would include loss of confidential information by allowing, or failing to prevent, unauthorized access to computer systems.
- The costs associated with a privacy breach, such as consumer notification, customer support and costs of providing credit monitoring services to affected consumers.
- The costs associated with restoring, updating or replacing business assets stored electronically.
- Business interruption and extra expense related to a security or privacy breach.
- Liability associated with libel, slander, copyright infringement, product disparagement or reputational damage to others when the allegations involve a business website, social media or print media.
- Expenses related to cyber extortion or cyber terrorism.
- Coverage for expenses related to regulatory compliance for billing errors, physician self-referral proceedings and Emergency Medical Treatment and Active Labor Act proceedings.
Securing a cyber liability policy is not simple. The insurer will want to see the business’ disaster response plan and evaluate it with respect to the business’ risk management.
The good news is Myappsanywhere’s data center has an SSAE16 attestation that provides key controls to customers who subscribe to Microsoft Dynamics in our cloud. From risk management, to vendor management, to the protection of IT assets, controls have been put in place to help customers address cyber risks.
Have additional questions about cyber liability insurance? You can reach out to Myappsanywhere Chief Strategist John Leek here.
by Myappsanywhere