Cyber-Insurance: Why You Need It And How To Choose The Right Plan
Cyber Liability Insurance Partner Thomas Bentz spoke with Compliance Week about the growing need for cyber-insurance and how to navigate the labyrinth of cyber-insurance products on the market. It is critical for companies to first familiarize themselves with the terms and conditions, exclusions, nuances and loopholes of cyber-insurance. Before purchasing cyber-insurance coverage, it is recommended that company management undertake a reverse gap analysis, analyzing the typical cyber-incident response workflow that follows a data breach or cyber-attack. By conducting such analysis, a company can better collaborate with the insurer to best allocate risk and determine, before a cyber-attack occurs, which workflow tasks will trigger coverage; which will fall outside the scope of coverage; and which might be uninsurable altogether.
Mr. Bentz focuses his practice on cyber-insurance policies. "I review the policies in advance of a claim so that we know where those gaps could be, and we try and prevent as many of those gaps as possible from becoming issues," he said. Mr. Bentz also advises clients on cyber-insurance matters concerning high-risk transactions, like mergers and acquisitions. “As far as coverage in a merger situation, we want to make sure that the company has sufficient limits to cover the additional assets, the information they’re purchasing,” he said. “You also want to make sure you handle the claims-made portion of the coverage appropriately with an extended reporting period (or ‘tail’ coverage), so if you have a breach after the merger, you still have that protection in place.”