I’m sure you have heard a lot about Cyber Insurance and hopefully you have a policy in place to protect your organization. How much do you really know about your coverage? You assume it will pay all your cyber damages, but will it? If you have a Cyber policy or are thinking of putting one in place, make sure it has these key coverages and know your limits for each:
- Social Engineering Fraud
- Vendor Payment Fraud (Invoice Manipulation or Push Payment Fraud)
- Cyber Extortion
Social engineering is any phishing, vishing or other attack against any employee or senior executive officer that results in the transfer of your funds to an unintended third party. When this happens, you might think you are fully covered up to policy limits, but you may not be. Look at your policy or speak with your agent and get to know your specific limits. Some of these specific coverages may have lower limits than your overall Cyber Incident coverage. There may also be other limitations to when coverage applies.
Vendor fraud has become very sophisticated and includes abuses of improper payments to real or fictitious vendors. Imagine someone hacking your system and generating payment invoices just like yours with a different bank number. These invoices are sent to your customers and payments are made. Do you know if this is covered and if so, what is the limit of coverage? Most Cyber policies cover first-party fraud/theft of your funds but not always third-party fraud/theft of your customers.
Extortion coverage reimburses you for any ransom paid by you, or on your behalf, in response to an extortion demand through the introduction of malware or ransomware into your computer systems. This malware may prevent you access to your computer systems, may threaten to reveal confidential information you maintain, or damage your brand by posting false comments about you on social media sites.
Talk through potential situations like these with your agent and discuss how those situations might be covered and what limits would apply. Your agent can work on your behalf to make sure coverage is in place. Understand your coverage, know your limits, and don’t hesitate to ask questions. For a discussion on your Cyber risk feel free to contact me for a review.