Definition of Cyber Liability

Cyber liability (or, cyberliability) is a reference to Internet-based risks and those relating to information technology infrastructure and activities. Such are typically excluded from traditional commercial general liability policies. Coverages under cyberinsurance policies may include first-party coverage against losses such as data destruction, extortion, theft, hacking, and denial of service attacks; liability coverage indemnifying companies for losses to others caused, for example, by errors and omissions, failure to safeguard data, or defamation; and other benefits including regular security audits, post-incident public relations and investigative expenses, and criminal reward funds. (Adapted from White House report)

Lawsuits over cyber issues have increased significantly, both due to increasing cyber crime and regulations requiring the disclosure of events, such as SEC guidance and state reps covering the loss of PPI (protected personal information). Companies that disclose loss of PPI are often subjected to suits.

More and more businesses are purchasing insurance to cover potential cyber liability. If you don't know whether your business has cyber liability insurance, it probably doesn't. Most policies written in past years do not include cyber liability insurance.

To learn more, visit:

Tuesday, December 10, 2013

Cyber Liability Specifics Likely to be Defined in Part by New Federal Standards

"However, critical infrastructure owners need to recognize that, if a company's cybersecurity practices are ever questioned during a regulatory investigation and litigation, the baseline for what's considered commercially reasonable is likely to become the NIST Cybersecurity Framework:" InformationWeek

Here's the link to the NIST framework:

To learn how it might impact your business, visit

No comments:

Post a Comment