back Back to Blogs

What are the Four Main Risks Covered under Cyber Liability?

Posted on 29 August, 2022

Cyber liability insurance or corporate cyber insurance can help businesses mitigate the risks arising from cyber security breaches. In a world that is increasingly connected, with the growth of Internet of Things (IoT), and the advent of digital platforms in almost all business spheres, cyber-related risks have also increased manifold.

With the fast-paced evolution of financial technology (FinTech), payment gateways are increasingly growing in popularity and are becoming the preferred transaction method in India. Since the launch of UPI in 2016, digital payment has made great headway. Today, there are multiple platforms available for financial transactions. Along with this, applications are also being developed to ensure safety and security of these platforms. However, hackers too are ahead in the game thus making cyber crime a challenge to combat.

icon

A corporate cyber insurance or cyber security insurance is a relatively new offering in the insurance arena. With the rise in data breaches and hacks, protection from risks due to cyber crime becomes significant. A comprehensive cyber insurance provides coverage against any financial losses due to data leak, malware attacks or data theft. In addition to providing coverage for first party liability, third party liabilities are also covered to some extent.

Four Main Risks Covered under Cyber Liability

Corporate cyber insurance primarily provides coverage for four main categories of risk, namely:

  • Privacy Risk

  • Security Risk

  • Operational Risk

  • Service Risk

The nature and type of your business, the size and operational aspects, the extent to which your business employs digital tools, are some of the factors that determine the cyber security risks that your business is susceptible to. It is important to assess the risks appropriately before choosing a cyber security insurance.

Below are the details of each of the above-mentioned risks along with examples:

1. Privacy Risk

The risk that arises from the loss of confidential data in the form of legal expenses or penalties due to data breach or disclosure is covered under this category of risk. Businesses that deal with large volumes of sensitive data or financial data, government establishments, financial entities, etc. are more susceptible to privacy risk, as compared to other businesses.

For example, in a healthcare company that deals with sensitive data of patients, leakage of personal data due to lack of safeguards, or virus attacks can result in litigations or other losses, and is a privacy risk.

2. Security Risk

Closely related to privacy risk, security risk is the loss of data due to illegitimate disclosure, breach of security, either in the form of network security or corporate data divulgence. Organizations that are greatly dependent on technology and digital platforms for their daily processes are more vulnerable to security risk. Liabilities or financial losses due to loss of network or network error also fall under this category.

A financial company involved in cash transactions and data exchanges losing data to a competitor due to inappropriate access controls is a security risk.

3. Operational Risk

Operational risks under cyber security are classified as those risks to information and technology assets primarily related to confidentiality and data integrity. These are risks that arise from the action of people, failed processes, technology and systems failure or other external events. The people and process aspects are based on how much they are involved in technology and information systems.

For example, misuse of data by an employee in a bank.

4. Service Risk

A service risk is considered as one that prevents a business from offering its services without hindrance or errors. Any business in the service sector such as consulting, technology, software, banking, etc., is more prone to this category of risk. Any cyber errors or omissions that result in either service failure or interrupted service fall into this category of risk.

An example is an architectural and design firm unable to complete its consulting due to technology disruption.

Cyber Security Insurance Coverage against the Risks

Network failures, unauthorized access, fraudulent transactions, ransomware, malware attacks and other cyber security crimes are rampant in today’s virtual business scenario. In such a situation, corporate cyber insurance has become inevitable for most businesses that are in the technology and digital space.

Cyber security insurance provides coverage against financial losses due to first party liabilities. Additionally, third party liabilities such as reputational losses or judicial cases against leak of personal information of a third party are also covered.

In the case of a privacy risk, cyber security insurance provides coverage against losses due to data breach or privacy breach of the insured along with any losses due to the insured party’s clients, who are considered the third party under this cover.

Security risk is covered under corporate cyber insurance whereby any financial loss or leakage of data due to security breaches or network failures or divulgence of corporate information is mitigated. Coverage for operational risks include losses arising from any people or process related operations in information systems or technology.

Service risks are covered under corporate cyber insurance and provide coverage for losses that arise from an inability to render services smoothly, such as incomplete service delivery, reputational losses or defamation suits for service failure, etc.

Conclusion

With the pandemic, most businesses have shifted to virtual operations. This has created several new possibilities for cyber criminals to access confidential data due to unsecure networks, access loopholes, bandwidth challenges, etc. Human vulnerabilities have been taken advantage of, and breaches are being witnessed in unexpected ways. This is true for all businesses, irrespective of industry, location and size.

In such a scenario fraught with cyber security challenges, insurance providers have shifted from their earlier role of being a risk transfer facility, to now becoming an essential part for businesses in managing their risks. Insurance companies are taking extra measures to ensure maximum coverage for a broad spectrum of risks.

  • Corporate Cyber Liability Insurance
  • Product Code: 4056
  • Product UIN: IRDAN115CP0001V01202021

Help us know you better!

This contains only an indication of the cover offered. For complete details on risk factors, terms, conditions, coverages and exclusions, please read the sales brochure carefully before concluding a sale.ICICI trade logo displayed above belongs to ICICI Bank and is used by ICICI Lombard GIC Ltd. under license and Lombard logo belongs to ICICI Lombard GIC Ltd. ICICI Lombard General Insurance Company Limited, ICICI Lombard House, 414, Veer Savarkar Marg, Prabhadevi, Mumbai – 400025. . IRDA Reg.No.115. Toll Free 1800 2666. Fax No – 022 61961323. CIN (L67200MH2000PLC129408). customersupport@iciclombard.com. www.icicilombard.com. (Workman Compensation, 4010 , IRDAN115P0010V01200607)