If the rash of data breaches in recent months has done anything for businesses, it’s raised their awareness of cyber liability insurance. The market for cyber liability insurance is expected to increase dramatically as businesses become more aware that their current policies don’t adequately cover cyber-risks, according to the National Association of Insurance Commissioners(in U.S.A).
However, a three-judge federal appeals panel last week threw into question just how inadequately existing insurance products cover cyber-risks. The case before the appeals court involves a class-action lawsuit about a data breach at Portal Healthcare Solutions.
Portal has a form of insurance that’s de rigueur for most businesses called a “commercial general liability policy.” It’s a kind of umbrella policy that’s supposed to cover a variety of unforeseen mishaps. Portal argued that its CGL policy, issued by Travelers Idemnity, should cover the court costs of the data breach lawsuit.
A lower court agreed with Portal, and the appeals court agreed with the lower court.
What makes the decision important, particularly for small businesses that may not be able to afford cyber liability insurance, is that they may have some data breach coverage that they didn’t know they had. That could cover some gaps in existing coverage, too.
The court did not rule on whether Portal’s policy would pay for damages if the healthcare provider lost the case – it only said Traveler’s had to pay the legal costs in the case. Also the court is not saying that Travelers has to pay the verdict or not. All it’s saying is Travelers must pay for the insured’s defense counsel and to defend the case.
Cases like Portal’s are more likely to involve older CGL policies because newer ones specifically exclude anything related to data breaches in the coverage.
Even if some of a company’s cyber exposures are covered in a CGL, it makes more sense to get a cyber liability policy. The type of policy and the amount can change a lot, but every company has private information and technology involved in their organization, even if it’s just payroll.
A cyber policy is a prudent step, It’s frankly much safer for a policyholder to look at and consider a standalone cyber policy.
This article is refer to Tech News World, if you would like to know more detail, please visit Tech News World.