The airwaves have been filled with information about the latest privacy breach involving Wikileaks releasing e-mails from Stratfor, a global security/intelligence company.
If it sounds familiar, that’s because similar data breaches have been in the news almost constantly for months now. Businesses and insurers alike are taking note.
Betterley Risk Consultants recently stated that it believes interest in technology coverage is largely driven by concerns over privacy breaches.
If there was any doubt that this risk is generating ample interest, Betterley’s survey found that more than 95 percent of readers see coverage for data breaches as highly or somewhat interesting.
“Combined with increasing pressure by business partners to show evidence of real coverage, the days of self-funding this risk may be about over,” Betterley states.
As demand for this coverage increases throughout the business world, carriers have responded by offering higher capacity and more targeted products. Betterley reports that large carriers will offer up to $25 million in limits for technology risks, and even small carriers will put up between $5 million and $10 million in limits. Excess coverage is available, too.
Lockton reported recently that the leading cause of data breach events is stolen computer equipment such as laptops and memory sticks. The broker said this makes up 33 percent of breaches.
Coming in a close second is theft from hackers and criminals, which makes up 32 percent of data breaches. Rogue employees are responsible for 19 percent of these problems.
Carriers seem to be responding with new products. In February alone, Liberty International Underwriters launched three new tech-related products and hired Oliver Brew as vice president of miscellaneous professional liability and technology errors and omission (E&O). He has more than a decade of experience in global technology, network privacy and data security E&O.
NAS Insurance Services launched a new product to provide educational facilities protection against privacy breaches.
Carriers have developed dozens of other privacy-related coverages over the past year, too, targeting segments healthcare, finance, retail and other segments.
LIU’s trio of new products all have at least some privacy component involved.
LIU Tech Insure, the company’s broadest offering for technology service companies, covers breach of contract, intellectual property infringement, project failure coverage, data breach liability and E&O for all offered services.
LIU Data Insure provides standalone coverage for data breach liability and related costs coverage for companies that handle personal data. LIU DataPro Insure provides professional liability coverage as well as data breach liability and related costs cover for a wide range of professions and companies.
“Computer hacking has always been a risk for any company with a website and a network, but recently the frequency and severity of attacks has significantly increased,” Brew said at the product’s release. “Data security is now more than just an IT issue – it is a board-level issue.”
The new NAS Insurance Services product is called NetGuard Plus writeNOW! For Schools. It offers network security and privacy protection for K-12 schools.
The company said that it designed the product to meet growing exposure to breaches that could compromise sensitive and confidential student, parent and employee information.
As both companies and insurers look at covering privacy risks, Betterley defines this as three areas.
First, companies can be liable if a client’s third-party data is compromised. This type of problem is generally covered by an errors and omissions policy.
Another risk is to a company’s own data, which is considered a first-party coverage. These types of claims are not usually covered by an E&O policy but can usually be covered by a cyber policy.
The third area of risk is for data that is lost while in the possession of a company, such as through hackers breaking into a network or the loss or theft of a laptop with confidential material.
“Our concern, though, is that coverage for breach of data that is not a result of an error or omission might also be needed,” Betterley states.
Carriers and their insureds continue to hash out the details of what exactly is covered and should be covered when it comes to data breaches, suggesting that a slew of new products could be on the way.