Skip to main content
For Legal Professionals
Find a Lawyer
Please enter a legal issue and/or a location
Begin typing to search, use arrow keys to navigate, use enter to select

Find a Lawyer

More Options

What Does Your Cyber Insurance Actually Cover?

By George Khoury, Esq. on April 18, 2018 | Last updated on March 21, 2019

With how many different ways there are to hack into a system and the fact that the insurance industry has entered the cybersecurity insurance game, it may actually matter how you get hacked, and how the hackers cause you harm ... at least if you have cyber insurance.

Simply put, like any other insurance policy, cyber insurance policies do contain exclusions. Unfortunately, for unsophisticated but insured users of hackable technology, failing to use security protocols required by an insurer could lead to a denial of coverage. For employers, ensuring your workers are actually using the security measures can be a real challenge.

What's in Your Policy?

As highlighted in a recent Reuters Insight piece, most cyber insurance is targeted at losses caused by data and privacy breaches. This means that damages caused by a cyberattacks on a company's operations or infrastructure could actually be excluded.

For example, if a fictional coastal robot manufacturer's robotic workers were all hacked and made to walk off a cliff into the ocean, that loss would not be covered under a traditional cyber insurance policy. Other potential targets that could be outside the usual policy could include attacks on energy grids, supply chain logistics, and financial operations.

Do Law Firms Need Cyber-Terrorism Coverage?

When push comes to shove, whether or not you need basic or more comprehensive cyber insurance is less of a choice and more of a question of exposure and what is even coverable. As new carve outs for hacking continue to find their way into general liability policies, creating new insurance products, the same is happening with cyber-insurance.

For law firms, it is important to understand what is actually covered, and what exclusions may apply. While a law firm probably doesn't need bodily injury coverage related to a hacking incident (though it may if the firm has elevators in its office that are controlled by a computer that could in theory be hacked and used to injure someone), insuring against hackers bent on stealing the firm, or the firm's clients', data and money is probably a wise choice.

Related Resources:

You Don’t Have To Solve This on Your Own – Get a Lawyer’s Help

Meeting with a lawyer can help you understand your options and how to best protect your rights. Visit our attorney directory to find a lawyer near you who can help.

Or contact an attorney near you:
Copied to clipboard