800.668.7020
M-F 8:00AM TO 5:30PM CST
Better coverage. Better price.
General Liability Insurance

Instant business insurance quotes

800.668.7020

M-F 8:00 AM TO 5:30PM CST

Cyber Liability Insurance

When a data breach hits you or one of your clients, Cyber Liability Insurance is the policy most likely to come to the rescue. But Cyber Liability Insurance (also known as Cyber Risk Insurance and Data Breach Insurance) may be the most misunderstood insurance policy out there. And that kind of makes sense.

First of all, there’s lots of confusion about data security, which you know all too well if you’ve ever heard a news anchor try to explain what caused the latest mega breach. Secondly, Cyber Risk Insurance is one of the newest offerings in the insurance game, which means most folks are unfamiliar with it.

In fact, before we can talk about this coverage, we need to take a step back to explain that there are actually two different Cyber Risk Insurance policies:

  1. First-party Cyber Liability Insurance.
  2. Third-party Cyber Liability Insurance.

For most small IT businesses, third-party Cyber Liability Insurance is more important. The good news: most of the Professional Liability Insurance policies we sell have third-party Cyber baked in.

First-Party vs. Third-Party Cyber Insurance: Which Do You Need?

So: does your business have first-party or third-party cyber risks? Here’s a summary of what each looks like:

First-party: The risk that your own computers and systems will be compromised (or that your data will be breached). Anyone who stores a lot of customer data (credit card numbers, emails, phone numbers) is a potential target for a breach incident, whether it’s a hack, misplaced thumb drive, or unsecured email with a sensitive attachment.

Third-party: The risk that your clients’ systems will be compromised (or that their data will be breached). If your job description includes maintaining, hosting, or manipulating clients’ data, you have the potential to cause, enable, or fail to prevent a breach.

For the smaller IT businesses, freelancers, and independent contractors we most often work with, third-party risk is far more common. That is, it’s fairly common for our customers to work with lots of client data, but less common for them to have lots of data on their own clients. (The notable exceptions are data miners, business intelligence consultants, and database administrators.)

The good news, as we mentioned above, is that most Professional Liability Insurance policies we sell include coverage for third-party Cyber Liability. To be sure your exposures are covered, though, it’s always wise to double-check with your agent whether your policy offers this protection.

What Does First-Party Cyber Insurance Cover?

Because first-party Cyber Liability Insurance covers the cost of breaches to your own network (and the cost to clean them up), it may help pay for:

  • Customer notification.
  • Anti-fraud protection for customers.
  • Security incident investigations.
  • Crisis management.
  • Insider data breaches.
  • Cyber extortion / ransomware costs.

Let’s take a minute to break that down. Say you’re working on an in-house directory for a corporate client. You’ve got information for thousands of company employees and you’re excited about the wireframe you’ve developed. Unfortunately, biking home from the office, the flash drive you back everything up on falls out of a hole in your computer bag.

Even if nobody ever picks up the drive and plugs it in, this counts as a breach. You have to notify your client and they want you to pay for credit monitoring for every employee whose info was on the drive. A first-party Cyber policy could handle those costs.

In addition to unfortunate mishaps like this, hacks, insider data breaches, ransomware attacks, software malfunctions, and improper configurations can all leave your data exposed. They can also likely be covered under your first-party policy.

What Does Third-Party Cyber Insurance Cover?

Time to switch gears: third-party Cyber Insurance. As we’ve pointed out, this is the coverage that protects you in the event your clients’ data is compromised, not your own. When that happens and a client sues you, third-party coverage can pay for…

  • Attorneys to defend your company.
  • Settlement costs (to resolve the lawsuit amicably).
  • Court-ordered damages (if you’re found liable).
  • Miscellaneous court costs.

Third-party Cyber Liability is typically included in an IT professional’s Professional Liability Insurance, which covers many other tech-related liabilities and lawsuits.

Cyber Liabilities for Developers, Consultants, and Project Managers

The way you’re exposed to cyber liability depends on work you do. For example:

Developers. Software developers can be liable for faulty code that is susceptible to cyber attacks, programs without proper security measures, and compromises that occur because of mistakes they make while working at a client’s office or on a client’s network.

Consultants. Unfortunately, consultants can be liable for security even if they didn’t create the IT solution that was compromised. Merely recommending an IT product can make you liable. So if you advise a client to switch to an SaaS solution and the cloud-based data is compromised, a client could blame you.

Project Managers. As a project manager, remember that “stuff” sometimes rolls uphill, too. If your subcontractor makes a mistake that leads to a data breach, the client could sue you. Mistakes by the people you manage can end up costing you.

Cyber Liability Insurance: Related Resources

Still have questions about each side of the Cyber Liability Insurance coin? Learn more about first- and third-party Cyber Liability Insurance by browsing these additional resources:

TECHINSURANCE | 1101 Central Expressway South | Suite 250 | Allen, TX 75013 | 800.668.7020 voice [toll free] | Monday-Friday 8:00AM to 5:30PM Central | Contact Us