For the smaller IT businesses, freelancers, and independent contractors we most often work with, third-party risk is far more common. That is, it’s fairly common for our customers to work with lots of client data, but less common for them to have lots of data on their own clients. (The notable exceptions are data miners, business intelligence consultants, and database administrators.)
The good news, as we mentioned above, is that most Professional Liability Insurance policies we sell include coverage for third-party Cyber Liability. To be sure your exposures are covered, though, it’s always wise to double-check with your agent whether your policy offers this protection.
What Does First-Party Cyber Insurance Cover?
Because first-party Cyber Liability Insurance covers the cost of breaches to your own network (and the cost to clean them up), it may help pay for:
- Customer notification.
- Anti-fraud protection for customers.
- Security incident investigations.
- Crisis management.
- Insider data breaches.
- Cyber extortion / ransomware costs.
Let’s take a minute to break that down. Say you’re working on an in-house directory for a corporate client. You’ve got information for thousands of company employees and you’re excited about the wireframe you’ve developed. Unfortunately, biking home from the office, the flash drive you back everything up on falls out of a hole in your computer bag.
Even if nobody ever picks up the drive and plugs it in, this counts as a breach. You have to notify your client and they want you to pay for credit monitoring for every employee whose info was on the drive. A first-party Cyber policy could handle those costs.
In addition to unfortunate mishaps like this, hacks, insider data breaches, ransomware attacks, software malfunctions, and improper configurations can all leave your data exposed. They can also likely be covered under your first-party policy.