Examine the Scope of Coverage
Policyholders will want to carefully consider their risks and the scope of coverage afforded to them under a cyber policy. The coverage afforded under cyber insurance policies vary. Most policies cover costs relating to investigations, including those relating to administrative and regulatory actions, and they cover fines and penalties. Many cyber policies also cover remediation/crisis management, including the costs associated with a data breach. This can be important as a policyholder is likely to be required, after a breach, to notify those affected and may also be required to provide credit monitoring services. Depending on their risks, policyholders also may want coverage for electronic extortion, network interruption, and/or media liability for risks relating to copyright infringement and other intellectual property issues.
Pay Attention to Coverage Limitations and Exclusions
Policyholders need to be mindful of their policies’ exclusions and limitations. Some cyber insurance policies, for example, purport to limit coverage to an insured’s acts and omissions. This can present an issue for policyholders that store data on third-party “cloud” networks. Policyholders should determine whether their policies adequately cover acts and omissions of third parties.