Cyber and Crime Insurance

Cyber liability and crime insurance address losses, but one covers direct losses while the other covers indirect losses

Crime policies cover the direct loss of your funds, whether through maleficence, employee dishonesty or social engineering whereas cyber policies cover economic damages arising through a failure of network security or privacy controls which may cause indirect losses.

Even as cyber criminals and their tactics become more complex, the majority of cyber and cyber-crime attacks are executed via social engineering.

What Is Crime Insurance?

Crime insurance can help protect your company from significant losses caused by both third parties or internal employees. It provides coverage for loss of money or other assets against theft, fraud, forgery, burglary, and more.

First-party coverage protects your business from its own losses that occurred as a result of some type of criminal activity. Third-party coverage protects your business if another business or entity claims that a criminal act perpetrated by your business caused them direct losses

Claim Example

Theft of cash by site manager

A client operated a temporary summer site that ran for six weeks only. The manager in charge was taking money from the safe after all other staff had left the site. Over a short period, he stole circa £90,000 to feed a gambling addiction. Initial concerns were raised when head office flagged that June sales had not been entered onto their accounting system. It was then noticed that our client’s bank had only received one weeks’ takings from the event. Our client’s expectation at this point was that the takings would still be in the safe. However, when checked, the safe only contained £3,658 leaving an amount of £92,299.68 unaccounted for.

Employee system breach and theft

An employee / employees of a client obtained passwords to the till computer system that they were not authorised to have. They used these to access the system and delete transactions from the days takings. They then took cash to the value of the deleted transactions so that the till ‘balanced’. The irregular pattern of deleted transactions was picked up and investigations ensued, which led to the full extent of the loss being discovered (circa £50K).

What Is Cyber Liability Insurance?

Cyber liability insurance protects companies against third-party lawsuits relating to electronic activities. This coverage typically also provides plenty of recovery benefits regarding data restoration and reimbursement for income lost and payroll spent

According to research, phishing emails initiate 91% of all cyber attacks.

Much like crimes, unfortunately, cyberattacks come in many forms, such as:

1. Denial of Service (DoS)

2. Distributed Denial of Service (DDoS)

3. Malware (i.e., ransomware, spyware, worms, viruses, etc.)

4. Phishing

5. Password attacks

6. Cross-site scripting

7. Rootkits,

8. Zero-day exploit

Ransomware Attacks

A hospital’s computer system was the subject of a ransomware attack. While the attacker sought only $500, the cyberattack essentially shut down the medical facility. The hospital incurred signifcant expenses attempting to restore the data from their computer systems. They could not bill any of the health insurance carriers while the system was afected. Additionally, the imaging capabilities of the hospital were greatly impacted as they could not produce the images from MRIs or CT scans. The malware completely corrupted the hospital’s system and they had to resort to paper mode to chart and monitor patients. Lastly, the hospital’s payroll system also went down as part of the attack. As a result of the attack, more than $700,000 was paid for forensics, data recovery, business interruption and crisis management costs

CRIME	RISK	CYBER
×	Data Breach Management Expenses	√
×	Legal Liability & Defence Cost	√
×	Regulatory Investigation	√
×	Loss of Income Due to Security Failure	√
×	Cyber Extortion	√
×	Fraudulent Fund Transafer	√
√	Social Engineering (Leading to loss of Funds)	×
√	Employee Theft	×
√	Forgery	×