Cyber Liability Insurance

What is a cyber incident?

A cyber incident is an “event that could jeopardize the confidentiality, integrity, or availability of digital information or information systems” (U.S. Department of Homeland Security).Common types of cyber incidents include:

  • Data breaches
    Threat actors expose confidential and/or legally protected information.
  • Malware attacks, including ransomware attacks
    Threat actors access and encrypt data and systems, rendering them unusable and demanding payment for decryption.
  • Social engineering attacks
    Threat actors exploit human error to gain unauthorized access to systems and data.
  • Denial of service attacks
    Threat actors overwhelm servers, systems, and networks with traffic to slow or stop them altogether.
  • Cyber fraud
    Threat actors transfer funds out of their targets’ accounts without authorization or under false pretenses.This list is not exhaustive, and cyber incidents increasingly “blur the lines” between these categories.
What are some of today’s top cyber threats?

Although the cyber risk landscape is constantly changing, some threats are perennial. ProWriters can help you and your clients stay “in the know” about current trends and emerging threats.

Read More:

What are social engineering attacks, and how can my clients protect against them?

Social engineering attacks, sometimes called “human hacking,” exploit human interaction and error to succeed. They are among the most damaging cyber attacks businesses and organizations face, since resulting damages can reach into the billions, and organizations of all sizes can fall victim to them.

Read More:

What exactly is a phishing email?

“Phishing is a type of online scam that targets consumers by sending them an email that appears to be from a well-known source—an internet service provider, a bank, or a mortgage company, for example. It asks the consumer to provide personal identifying information. Then a scammer uses the information to open new accounts or invade the consumer’s existing accounts” (Federal Trade Commission).

If you check your email spam inbox, you’re bound to find hundreds of phishing emails. Don’t open them! They can do serious damage to your computer system and your private information.

Read More:

What is Cyber Liability Insurance?

A Cyber Liability Insurance policy covers costs the policyholder incurs as the result of having suffered a data breach or other cyber incident.

Policies generally cover both first-party and third-party costs.

Covered first-party costs may include:

  • IT forensics to determine the incident’s source and scope
  • Ransomware payments
  • Business interruption
  • Rebuilding a compromised network and replacing affected devices
  • Notifying affected customers
  • Providing credit monitoring to affected customers
  • Public relations efforts to protect the targeted business’s reputation

Covered third-party costs may include the costs of defending and settling claims related to:

Who needs Cyber Liability Insurance?

In the past, Cyber Insurance was most appropriate for businesses holding PII: bank information (credit card and checking account numbers), Social Security numbers, driver’s license numbers, medical information covered under HIPAA, or confidential corporate information.

However, the dramatic proliferation and increasing sophistication of cyber incidents—especially ransomware attacks, social engineering, and fraud—mean any business using internet-connected computers should have Cyber Insurance. This coverage is now crucial for all businesses, especially small businesses that usually lack the financial resources to cover cyber incident costs on their own.

Read More:

How do I talk to my clients about Cyber Insurance?

Start by telling your clients a realistic, relevant story about a cyber incident and the scope of its possible financial consequences. Tell them about actual cyber incidents from their own industry. Then explain how Cyber Insurance not only protects them against such consequences but also gives them peace of mind.

Read More:

Can you give me some claims examples to show my clients?

News reports of cyber attacks growing more dangerous may sound exaggerated. However, they are absolutely true. At ProWriters, we understand how serious cyber security threats have become and that you need concrete examples to help clients appreciate the risk.

Read More:

What’s the best way to compare Cyber Insurance options?

Vetting Cyber Insurance companies and finding the right policy can be difficult. ProWriters uses our industry expertise to create tools and processes, including our proprietary Cyber IQ Comparative Rate Platform, that make it simple to find policies that match your clients’ needs and budget.

Read More:

Does a CGL policy cover cyber exposures?

Commercial General Liability (CGL) policies do not cover cyber exposures, despite the growing need for Cyber Insurance coverage.

Read More:

What is PCI compliance?

Created by the major players in the Payment Card Industry (PCI), including Visa, Mastercard, and American Express, these standards are meant to protect sensitive consumer data. They apply to businesses of all sizes. If your clients accept even one credit card payment, they will need to follow these rules.

Read More:

My client takes credit cards—what do they and I need to know?

Some business clients understand their exposure, but many don’t—or they incorrectly think the issue is no longer theirs because they’ve outsourced this service. Retailers need to make sure they have adequate coverage based on how many transactions they process, and most of this task falls to their insurance broker.

Read More:

How can my clients vet their third-party vendors?

The risks of third-party liability claims could be detrimental or devastating to an organization, so it’s imperative they select the most capable cyber security vendors to assist in the event of a data breach or other cyber incident.

Read More:

What is GDPR?

Put into effect in 2018, the General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world, imposing obligations on organizations anywhere that target or collect data related to people in the European Union.

Read More:

What are some common cyber security myths you hear?

Surveys show the majority of business leaders are confident in their cyber security. Yet data breaches and other cyber incidents keep rising. This disconnect suggests dangerous overconfidence and a false sense of security.

Read More:

Where can I find more educational material for myself and my clients?

Our always growing library of broker resources and our Cyber Insurance Blog will help you better understand the professional and management risks, especially cyber risk, your business clients face; increase your knowledge of trends affecting today’s market; and develop your authority as an expert your clients trust for practical risk management advice and robust, relevant policies.

Is Cyber Insurance really worth it?

We get this question a lot. The short answer is YES.

Read More:

E&O Insurance

What is E&O Insurance?

Errors & Omissions (E&O) Insurance covers your company in the event a client alleges error or negligence on your part and intends to hold you responsible for a service you provided (or failed to provide) that didn’t bring expected or promised results. Some professions—especially accountants, doctors, and lawyers—refer to E&O as malpractice insurance.

Read More:

Who needs and qualifies for E&O Insurance?

Any business providing a service needs E&O Insurance. Any firm providing professional services for a fee qualifies for E&O Insurance.

Examples include:

  • Doctors
  • Lawyers
  • Accountants
  • Architects
  • Engineers
  • Real estate agencies
  • Home inspectors
  • Property managers
  • Insurance agents
  • Health care facilities
  • Technology companies
  • Other licensed professionals and consultants
When should my business clients buy E&O Insurance?

Your clients should purchase E&O Insurance before taking on the risk associated with providing their services. A policy should be part of the cost of doing business. Contracts often require it, and it can also be a selling point your clients use to attract new customers.

What is a retroactive date?

A retroactive date ensures a policy provides coverage for prior acts committed by the insured. It typically reflects the first date the insured purchased and continually maintained E&O coverage.

Why choose E&O Insurance from ProWriters?

ProWriters’ underwriters have averaged more than 15 years serving the E&O marketplace. We have underwriting authority for several insurance companies, as well as brokerage arrangements with many others in the event we are unable to underwrite the risk ourselves.

Tech E&O

Why might my business client need Tech E&O Insurance?

Any and all businesses providing technology services—including software developers, IT consultants, managed service providers (MSPs), and more—need Tech E&O. Tech E&O policies usually feature very broad definitions of technology services.

Read More:

What’s the difference between Tech E&O and Cyber Liability Insurance?

Tech E&O relates to any actual or alleged negligence, error, or omission of the insured in regards to their technology services. Cyber relates to a breach of the insured’s network. Though the two are distinct lines of coverage, they’re often written in conjunction with each other.

Read More:

Do Tech E&O and Cyber need to be written together?

Tech E&O and Cyber don’t have to be written together, but at ProWriters, we strongly recommend it. There can be some gray areas between the two lines’ coverage triggers, so covering them both on the same form with a single carrier is best.

Can my client cover other professional services on their Tech E&O policy?

Depending on the carrier, yes. Some of our carriers can add coverage for miscellaneous professional services on their Tech E&O forms.

Are there any Tech E&O classes ProWriters cannot write?

Theoretically, no, although some classes—MSPs, internet service providers (ISPs), dating apps, and others—are tougher than others. However, we do have outlets who will consider underwriting such risks.

Employment Practices Liability Insurance (EPL)

What is EPL Insurance?

Employment Practices Liability Insurance covers businesses when employees make claims regarding violations of their civil rights.

Read More:

Who is considered an employee?

For EPL purposes, the following categories of workers are considered employees: W2 employees, part-time employees, leased employees, volunteers, and independent contractors.

What coverages does an EPL policy include?

EPL policies typically cover claims related to:

What is the territory of coverage for EPL?

Typically, EPL coverage is worldwide, but claims must be brought in the United States.

What is the minimum number of employees my clients need to receive an EPL quote?

Your business clients need at least one employee, other than the owner, for you to quote them a policy.

Directors and Officers (D&O) Insurance

Why should my clients purchase D&O Insurance?

Directors and Officers (D&O) Liability Insurance, also known as Management Liability, covers the company, individual directors, and officers for any liability resulting from the company’s management. A D&O policy can also help attract investors and experienced executives.

Read More:

Who is covered under a D&O policy?

D&O policies cover all duly elected or appointed directors, trustees, governors, managers, officers, advisory directors, advisory board members, or members of a duly constituted committee or board of the insured company, or their functional equivalent; or one or more natural persons assigned titles or positions functionally equivalent to directors or officers.

Read More:

What other coverages can be packaged with D&O?

Coverages that can be packaged with D&O coverage include:

  • Employment Practices Liability (EPL)
  • Crime
  • Fiduciary
  • Kidnap and Ransom
  • Employed Lawyers