Cyber Crime Insurance Policy
Cyber Crime policy is designed to protect commercial businesses of all kinds against a wide range of first and third party liability cyber exposures associated with e-business, the internet, networks and information assets which resulted into privacy issues when their customer information is breached or stolen, or an infringement of intellectual property or virus transmission that may be passed from first to third parties via the web.
Companies with access to private, confidential information about their customers have a responsibility to keep it secure. Equally, companies who have a web presence or a dependency on technology have emerging content and transactional exposures.
Cyber risk is steadily increasing: Security/Data breaches affect hundreds of millions of records a year and reports of breaches continue to rise at a dramatic rate. The introduction of viruses and unauthorized access are well known examples. Awareness by customers has increased fuelled by heightened media attention to incidents and litigation.
Policy provides Coverage for following:
1. Data Liability
A. Loss pf personal information
The Insurer will pay to or on behalf of any Insured all Damages and Defence Costs which arise out of a Claim by a Data Subject against the Insured in respect of an actual or alleged Breach of Personal Information.
B. Loss of Corporate information
The Insurer will pay to or on behalf of any Insured all Damages and Defence Costs which arise out of a Claim by a Third Party against the Insured in respect of an actual or alleged Breach of Corporate Information
C. Outsourcing
The Insurer will pay to or on behalf of any Company all Damages and Defence Costs which arise out of a Claim by a Third Party against an Outsourcer (where the Company has a contractual duty to indemnify) and which arises from any actual or alleged breach of duty by the Outsourcer in regards to the processing of Personal Information and/or Corporate Information on behalf of the Company (for which the Company is liable).
D. Network Security
The Insurer will pay to or on behalf of any Insured all Damages and Defence Costs which arise out of a Claim by a Third Party against the Insured which is caused by any act, error or omission by the Insured resulting in:
(i) the introduction of any unauthorized software, computer code or virus to Third Party Data on the Company’s Computer System which is specifically designed to disrupt the operation of or corrupt or damage any software or data recorded on the Company’s Computer System;
(ii) the denial of access to an authorised Third Party to its Data;
(iii) the wrongful appropriation of a network access code from the Company;
(iv) the destruction, modification, corruption, damage or deletion of Third Party Data stored on any Computer System;
(v) the physical theft of the Company’s Assets by a Third Party, or its physical loss; or
(vi) the disclosure of Third Party Data by an employee of the Company.
2. Administrative obligations
a. Data Administrative Investigation
The Insurer will pay to or on behalf of any Insured all Professional Fees for legal advice and representation in connection with any Regulatory Investigation.
b. Data Administrative Fines
The Insurer will pay to or on behalf of any Insured all Data Administrative Fines that the Insured is legally obligated to pay upon the conclusion of a Regulatory Investigation arising out of a breach of Data Protection Law.
3. Reputation and Response costs
- - Pro-active Forensic Services to find Out/ Substantiate Breach
- - Repair of the Company’s Reputation
- - Repair of the Individual Reputation (this is for director, chief compliance officer, Data Protection Officer or General Counsel of a Company)
- - Notification to Data Subjects:
- - Monitoring
- - Electronic Data
4. Multimedia Liability
The Insurer will pay to or on behalf of any Company all Damages and Defence Costs which arise out of a Claim by a Third Party against the Company solely in the performance of or failure to perform Multi Media Activities arising from the alleged or actual wrongful acts covered under the policy , Multi Media activities means the publication or broadcast of any digital media content
5. Cyber Extortion
the Insurer will pay to or on behalf of the Insured all Extortion Loss that an Insured incurs solely as a result of an Extortion Threat.
Extortion Loss: means any:
- monies paid by an Insured with the Insurer’s prior written consent to prevent or end an Extortion Threat; or
- Professional Fees for independent advisors to conduct an investigation to determine the cause of an Extortion Threat
Extortion Threat: means any threat or connected series of threats, for the purpose of demanding monies, communicated to the Insured to prevent or end a Security Threat.
Security Threat: means any threat to the Computer System that may result in an actual or alleged Qualifying Breach of Data Security causing financial harm to the Company.
6. Network Interruption (Business interruption due to qualified breach)
the Insurer will pay to the Company any Network Loss in respect of a Material Interruption that an Insured incurs after the Waiting Hours Period has expired and solely as a result of a Security Failure.