Cyber Liability Insurance Coverages and Support Must-Haves

As of 2016, ransomware is mutating again to be more vicious and less predictable than in the past. This transition may be the result of adoption by more knowledgeable and ruthless adversaries...
— 2016 Will Be The Year Ransomware Holds America Hostage, The ICIT Ransomware Report

Law firms face daily threats of security breaches that can devastate a firm’s bottom line and reputation. Are you prepared for the inevitable data breach or the day your network is held for ransom? You can be if you have the right Cyber Liability Insurance. We recommend a product designed specifically for law firms and one that will be there to guide you through the aftermath of a security breach. A cyber insurance provider should provide the following support should you fall victim of a cyber security breach.

Your cyber insurer should support you by:

  1. Conducting technical forensics to determine the scope and cause of the data security breach;

  2. Understanding the relevant regulatory, legal, ethical and malpractice obligations associated with the breach;

  3. Determining which authorities and regulatory bodies must be notified and guide your firm through the notification process;

  4. Identifying the individuals and businesses your firm must and may wish to notify;

  5. Selecting and implementing the best loss reduction solutions for the breach including credit monitoring, legal filings, insurance or fraud prevention;

  6. Managing ongoing communications with businesses and individuals that are victims of the breach, including call center services such as developing scripts and training call center staff;

  7. Coordinating with a public relations firm to implement a public relations campaign to protect your firm’s brand;

What to look for in coverage features:

  • Business interruption coverage should be a core feature of a Cyber Liability Insurance Policy and most businesses don’t have the internal expertise to value the loss and absorb the cost of hiring experts to submit a business interruption claim. A Cyber Liability Insurance product should pay for technical forensics and forensic accounting services to assist you with proof of loss statements and claim recoveries. Not all do.

  • Most Cyber Liability Insurance Policies use the standard business income loss calculations which are based on revenue received during the outage period and not hours billed. A law firm could lose hundreds of billable hours from a virus following a loss and not be able to recover the lost income from their insurance company. Look for a Cyber Liability Insurance product that is designed for law firms.

  • Cover unauthorized access, use, disclosure or theft of private consumer information, confidential business information or other sensitive legal or client information occurring at the company or at a company vendor.

  • Cover transmission of a computer attack or computer virus to others due to misuse of the company’s computer system.

  • Cover misuse of the company’s computer system, website, email, social networking or other electronic communications resulting in harm to others.

  • Cover Data Restoration Costs – Covers the cost to rebuild, reconstruct or re-engineer electronic data following a computer virus, hack, denial of service, cyber terrorism, cyber extortion, cyber espionage or other computer attack that alters, damages, or destroys electronic data.

  • Coverage extends to costs of computer forensics following a loss.

  • Crisis Management – Covers (1) Public relations expenses; (2) Breach notification expenses; and (3) Credit monitoring and identity theft services following an event otherwise covered by the policy including a virus, hacker attack, or disclosure of confidential / private information.


Be aware that cyber liability policies can include minimum security requirements in order for coverage to apply. They include antivirus software, firewalls and encryption. You could be required to maintain an on-going patch management process and store all data on mobile data storage devices or media in an encrypted format including smart phones, USB devices, laptops, tablets, backup tapes and discs.

Network security alone cannot entirely protect your data. No firewall is 100% secure.  Be prepared to mitigate the inevitable cyber security breach with a trusted Cyber Liability Insurance Partner.

The information provided above is for illustrative purposes only. Always consult with an insurance agent or broker on the needed coverage features for your business. The actual policy terms and conditions will apply in the event of a claim.

Coverage and support information provided by Safe Law.