Making Sure: When Is Third-Party Cyber Insurance Needed?

It’s a natural impulse, especially perhaps when it comes to purchasing insurance coverage.

And even more especially when the insurance coverage is for something as intimidating as cyber security – a vague, nondescript, fuzzy and murky world that many people don’t truly understand, whether they would admit it or not.

The natural impulse in question comes in the form of “making sure.”  Is my policy loaded up sufficiently to safeguard my organization?  Hmm, I can’t be certain.  Let’s load it up, just to “make sure.”  That is not necessarily a bad thing or a wrong decision.  Getting all the facts, of course, can provide greater clarity.

One area of cyber security insurance presents an option between first-party and third-party coverage, and the choice in this segment, at least, can be pretty easily understood and acted upon appropriately.

First-party cyber insurance covers the costs associated with being the victim of a hack.  That includes everything from notifying clients of the breach, to weathering the storm of lost revenue that typically follows.  Third-party cyber insurance helps cover the risks of being blamed for a breach, particularly if the company in question does assessments of digital security – a fairly narrow area of specialty – or when a gap in one’s own security is responsible for passing on a virus to another organization.

Policies have evolved to cover first-party exposures more extensively, but third-party exposures and coverage grants are still present and quite possibly required to be purchased.

But think of “third-party” as being the same as a lawsuit.  In that case, if a business is not providing media services for a fee or IT services, its third-party exposures probably revolve around the following typical coverages:

  • A Media clause offering coverage for claims alleging liability resulting from the dissemination of online or offline media material, including claims alleging copyright/trademark infringement, libel, slander, plagiarism or personal injury. This could include websites, social media sites, and chat rooms. 
  • A Privacy & Network Security clause would involve third party actions or lawsuits involving customer information, vendor information, or employee information.

Do you want to “make sure” when it comes to cyber coverage?  Contact the team of professionals at the Reschini Group for more information on cyber security options that make sense for your organization.

Copyright 2020 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.