Cyber Insurance Gaps I See Most Often in Law Firms

Cyber insurance has become an important part of risk management for law firms. Data breaches, ransomware attacks, and phishing attempts are now common risks in the legal industry, particularly because firms handle sensitive client information. But one thing I’ve noticed over the years is that many small to mid-sized law firms have cyber insurance coverage that isn’t fully aligned with the risks they actually face.

The issue is usually the details of that insurance policy.

There are several coverage gaps that tend to show up repeatedly when reviewing policies for law firms.

Common Cyber Insurance Gaps Law Firms Should Watch For

While every policy is different, there are a few areas where coverage often falls short. Understanding these gaps can help firms avoid unpleasant surprises if a cyber incident occurs.

Below are some of the most common issues I see.

Inadequate Coverage Limits

One of the most common cyber insurance gaps is insufficient coverage limits.

Cyber incidents can become expensive very quickly. Even a relatively contained incident can involve multiple layers of cost.

Potential Costs of a Cyber Incident

A cyber event may involve:

  • Forensic investigations to determine what happened and how the breach occurred
  • Legal costs associated with responding to the incident
  • Client notification requirements depending on the type of data involved
  • Credit monitoring services for affected clients
  • Business interruption losses if systems are unavailable

For example:

  • A forensic investigation alone can cost $15,000 to $50,000 or more, depending on the complexity of the breach.
  • Credit monitoring services can run up to $30 per person per month for 12–24 months.

When you add those costs together, the financial impact can expand quickly. If a firm’s coverage limit is too low, the policy may still provide assistance—but it may not go nearly as far as the firm expected.

Missing or Limited Social Engineering Coverage

Another gap I often see involves social engineering coverage. Social engineering fraud occurs when someone is tricked into sending money or sensitive information because they believe the request is legitimate.

Examples of Social Engineering in Law Firms

These situations might involve:

  • An email that appears to come from a client
  • A request that looks like it came from a colleague
  • Instructions from what appears to be a trusted partner in a transaction

Because legal transactions often involve sensitive documents and financial transfers, law firms can be particularly vulnerable to these types of scams.

However, not every cyber insurance policy automatically includes strong protection for social engineering losses. In many cases, it requires a specific endorsement or additional coverage to be added to the policy.

Lack of Meaningful Business Interruption Coverage

Business interruption is another area that is sometimes overlooked.

If a cyber incident shuts down a firm’s systems, the consequences can extend far beyond the technical problem itself.

How System Downtime Can Affect a Law Firm

When systems are unavailable, firms may experience:

  • Delayed cases and legal filings
  • Staff unable to access important files
  • Disruptions to normal operations
  • Potentially missed statutes of limitation

Even a temporary disruption can have significant operational and financial consequences. Business interruption coverage is designed to help address these situations. However, not every policy includes this coverage in a meaningful way, and some policies may include limitations that firms don’t realize until after an incident occurs.

High Deductibles That Surprise Firms Later

Another detail that often gets overlooked is the policy deductible. Many firms understandably focus on the coverage limit, but the deductible plays an equally important role in determining how the policy functions.

Why Deductibles Matter

Some cyber policies carry deductibles that are much higher than firms realize.

This means that before the insurance coverage begins responding, the firm may need to absorb a significant portion of the costs themselves.

If that deductible is higher than expected, the financial impact of an incident may be greater than anticipated.

Reviewing this number carefully is an important step in understanding how the policy will actually work in a real-world situation.

Misunderstanding the Retroactive Date

One final detail that deserves attention is the retroactive date. The retroactive date helps determine how far back the policy coverage applies if a breach or cyber incident began before it was discovered.

Why Retroactive Dates Matter

Many cyber incidents are not discovered immediately. In some cases, malicious activity may have started months before anyone realized there was a problem.

The retroactive date helps determine whether that earlier activity is covered. If the retroactive date isn’t fully understood, firms may assume coverage exists when it may not apply in certain situations.

Why These Gaps Happen

It’s important to note that these gaps usually don’t happen because law firms are careless.

In most cases, the issue is simply that:

  • Cyber insurance has evolved rapidly in recent years
  • Policy language can be complex
  • Coverage options can vary significantly between insurers

As a result, many firms end up with policies that made sense when they were purchased—but may not fully reflect how the firm operates today.

Reviewing Your Cyber Insurance Coverage

Because cyber risks continue to evolve, it’s helpful for law firms to periodically review their cyber insurance policies.

A simple policy review can help answer important questions such as:

  • Are the coverage limits still appropriate?
  • Does the policy include social engineering protection?
  • Is there meaningful business interruption coverage?
  • Are the deductibles reasonable?
  • Do we fully understand the retroactive date?

Often, a short conversation can clarify many of these details and help firms feel more confident about the protection they have in place.

Final Thoughts

Cyber insurance has become a critical component of risk management for modern law firms.

However, having coverage isn’t always the same as having the right coverage.

Taking the time to review the details of a policy can help ensure that the protection in place truly aligns with the risks law firms face today.

Want Help Reviewing Your Policy?

If you’re not sure how your cyber insurance policy would respond in a real-world incident, it may be worth taking a closer look. Give INF a call at 412-563-2106 and we can review the key areas discussed in this article to make sure your firm has coverage that’s right for you.

I’m Don I. Your Insurance Guy.

Trust Your Systems

I just got back from playing a round of golf, and while I had a great time thanks to my playing partner, my actual game was pretty lousy. Like most golfers, on the drive home I caught myself thinking: maybe it’s time for a new putter, a different set of clubs, or a new brand of golf balls.

But then it hit me — my clubs didn’t suddenly get worse in the past two weeks. My golf balls didn’t change. And my putter didn’t lose its magic. The truth was simple: it wasn’t the equipment, it was me.

My tempo was off. I was swinging too fast. I wasn’t focused. And that got me thinking: the same thing happens in business — especially in law firms.

The “Equipment” Problem in Law Firms

When something goes wrong in a firm — a missed statute of limitations, a conflict of interest issue, or a client complaint — our first instinct is often to blame the system.

  • “The calendaring program let us down.”
  • “The conflict checker didn’t catch it.”
  • “We need a better case management tool.”

That knee-jerk reaction leads many attorneys to shop for the “latest and greatest” software. But just like with golf, buying new equipment doesn’t always solve the problem.

It’s Not the Tools, It’s the Process

Before rushing out to invest in new programs, it’s worth asking: Are we using the systems we already have, properly and consistently?

A few examples to consider:

  • Calendaring systems: Are you and your staff updating them daily without fail?
  • Conflict of interest checks: Are all clients, former clients, and ownership interests properly logged?
  • Client documentation: Are you recording every conversation, every update, in the system right away — or are you telling yourself you’ll “do it later” and never getting back to it?

When these steps slip, it’s not the software that failed. It’s the process.

A Weekly (or Bi-Weekly) Check-In

The fix isn’t shiny new tools. It’s discipline. Take a few minutes each week — or at least every two weeks — to sit down with your team and review:

  • Are we updating systems the way we should?
  • Are we putting in accurate, complete information?
  • Are we letting bad habits slide?

Your systems are only as good as the information you feed into them. If you don’t use them consistently, even the most expensive software won’t save you.

Back to the Golf Course

Golf taught me this: you don’t need a brand-new set of clubs every time you have a bad round. You need to slow down, adjust your swing, and focus on the fundamentals.

In the same way, law firms don’t always need new programs when mistakes happen. They need to look inward, review processes, and make sure the team is disciplined in using the systems already in place.

Remember: success isn’t about the latest equipment — it’s about how you use it.

Real-Life Cyber Claim Examples With Don Ivol

Lawyers often ask for proof that cyber events and data mistakes really hit small firms—and what those losses look like in dollars. Below are two real-world claim scenarios to help you see how quickly costs add up and which safeguards (and coverages) matter most.

#1: Shared Office, Shared IT… Total Data Loss

The setup:


A three-lawyer firm subleased space from a larger firm and piggy-backed on the larger firm’s IT. To “separate” data, the small firm was given its own file server (originally used for email).

What went wrong:


The larger firm’s IT admin backed up email, formatted the shared server, and reinstalled software—but forgot to back up the small firm’s files. Result: complete data loss and an operational shutdown while the firm tried to rebuild.

Documented impact:

  • Data restoration expenses: $23,000
  • Lost billable hours: roughly $98,900 (about “$99k” in the narrative)

Why this matters:


Not every disaster is a hacker. Plain old human error and poor segregation of systems can be just as destructive.

How to prevent this (practical steps):

  • Own your backups (don’t rely solely on a landlord’s/host firm’s IT). Use a 3-2-1 backup strategy and test restores.
  • Put clear, written data-segregation and change-management terms in your office/IT agreement.
  • Keep off-network backups (immutable/cloud snapshots) and run recovery drills twice a year.
  • Maintain a simple RPO/RTO target (how much data you can afford to lose/how fast you must be back).

Where insurance can help (policy-dependent):
Cyber policies with data restoration and business interruption coverage can respond to accidental data loss; some tech E&O or malpractice policies may also come into play depending on facts. Terms vary—review your policy.

#2: Cloud Downgrade → Confidential Case Exposed

The setup:


A firm used a cloud storage provider with two tiers: free and premium. The premium tier kept data private; the free tier made content searchable/downloadable by others.

What went wrong:


The firm missed the renewal. The account reverted to the free tier, quietly exposing the firm’s files online for months. During that window, third parties downloaded details of a sensitive whistleblower matter.

Documented impact (one case):

  • Notification costs: $27,000
  • Defense expenses: $35,000
  • Damages: $2,150,000
  • Fines & penalties: $120,000
  • (Additional client lawsuits were pending and not included in these totals.)

Why this matters:


Most breaches aren’t Hollywood hacks—they’re misconfigurations, missed renewals, or lax vendor settings.

How to prevent this (practical steps):

  • Use auto-renew with multiple payment methods and billing alerts for critical SaaS tools.
  • Enforce least-privilege access, MFA, and default private sharing settings; require approvals for any public link.
  • Turn on configuration monitoring and data-loss prevention (DLP) alerts for exposure of sensitive matter names/IDs.
  • Keep a data map: what you store, where it lives, who can access it, and how long you keep it.

Where insurance can help (policy-dependent):


Cyber policies commonly address privacy liability, regulatory investigations (where insurable), breach response (forensics, notifications, PR), and defense. Coverage for fines/penalties depends on jurisdiction and policy language. Some professional liability (LPL) policies may also respond to alleged ethical violations—review both with your broker.

What These Stories Prove

  • It’s not just “hackers.” Human error and billing lapses can trigger seven-figure exposure.
  • Shared or “free” is risky. If you don’t control the system, you don’t control the risk.
  • Time is money. Even “small” incidents bleed billable hours and momentum.

Insurance is a backstop, not a substitute for sound IT practices.

10-Point Cyber Hygiene Checklist for Small & Mid-Size Firms

  1. 3-2-1 backups with quarterly restore tests
  2. Vendor billing safeguards (auto-pay + backup card + calendar reminders)
  3. MFA everywhere (email, practice management, cloud storage, VPN)
  4. Least-privilege access and quarterly access reviews
  5. Encrypted, private-by-default cloud repositories; ban public links
  6. Patch/update cadence for OS, apps, and network devices
  7. Incident Response Plan with breach-coach contact and a tabletop twice a year
  8. Data map & retention policy (limit what you store; purge on schedule)
  9. Security awareness training (phishing, sharing, and file-handling)
  10. Annual policy review (cyber + LPL) to close obvious gaps

These aren’t edge cases—they’re everyday risks for modern law practices. A few process tweaks plus the right blend of cyber and malpractice coverage can be the difference between an expensive lesson and a swiftly managed incident.

If They Can Breach an Insurance Giant, What’s Stopping Them from Hitting Your Law Firm?

I recently read something eye-opening in an insurance journal — a reminder that cybercrime isn’t just evolving, it’s organizing.

There are now cybercriminal groups that no longer just pick off random companies with weak cybersecurity. Instead, they target entire industries, strategically identifying and exploiting vulnerabilities across the sector. 

One such group is known as Scattered Spider, and their newest target? The insurance industry.

In recent months alone, major players like Philadelphia Insurance Company, Erie Insurance, and Aflac have been hit with significant cyberattacks. These breaches not only disrupted their operations, but in Erie’s case, have already led to multiple class action lawsuits.

Let’s think about that…

These are companies that:

  • Handle sensitive data every day
  • Have risk management baked into their company DNA
  • Invest hundreds of thousands of dollars (if not millions) into cybersecurity infrastructure

… and they still got breached.

So here’s the question every law firm should be asking:

If these highly protected insurance companies aren’t safe, what makes you think your firm is?

The Ugly Truth – Law Firms Are Prime Targets

You might be thinking, “We’re a law firm — not an insurance company. Why would hackers bother with us?”

Here’s why:

  • You store the same type of sensitive data: personal information, financial records, privileged communications.
  • You likely don’t have the same kind of IT budget or internal safeguards that large insurers do.
  • And from a hacker’s perspective, that makes you low-hanging fruit.

Whether you’re a solo practitioner in Pittsburgh or part of a mid-sized firm in Cleveland, you’re exposed — and attackers know it.

The Smart Next Step For Your Firm: Cyber Liability Insurance

Even if you have antivirus software, firewalls, and employee training in place (and you should), there’s another essential layer of protection… 

A tailored cyber liability insurance policy.

This isn’t just about protecting your firm — it’s about protecting your clients and your reputation. A single breach can take down your operations, cost tens of thousands in recovery, and damage your trust with clients.

Cyber policies are more affordable than most firms realize, especially compared to the cost of recovering from an attack.

Want to Learn More?

I go deeper into these risks and solutions in my book, Game Over? Not Today! 

It’s written specifically for professionals like you — attorneys, advisors, and business owners who want to understand the threat landscape and take action before it’s too late.

Pick up my free book today here -> https://bit.ly/INF-Game-Over-Not-Today 

Stop procrastinating. Protect your firm, your data, and your clients.

If you’re in Pennsylvania or Ohio and want to explore your cyber coverage options, I’d be happy to help.

I’m Don Ivol — your insurance guy.

Game Over? Not Today — Why Every Business Needs to Read This Free Cyber Insurance Book

We recently published a brand-new book titled Game Over! Not Today and the best part? It’s absolutely free. This guide is designed to help business owners like you understand the ins and outs of cyber liability insurance, and more importantly, how to protect your business from the growing threats in today’s digital landscape.

Why You Should Download It

Cyber threats aren’t just a big-business problem anymore. Small and mid-sized businesses are increasingly being targeted by hackers, and unfortunately, many are caught unprepared. That’s exactly why we wrote this book—to demystify cyber insurance and give you the tools and knowledge to confidently face these challenges.

Every chapter in this book offers valuable insights, but there are two chapters I really want you to pay close attention to: Chapter 6 and Chapter 8. These contain immediate, actionable advice that could make all the difference if your business ever experiences a cyber event.

🔐 Chapter 6: Building a Strong Incident Reporting Process

When a cyberattack happens, chaos can follow—unless you have a plan. Chapter 6 walks you through exactly how to build a strong incident reporting process, so you’re not left scrambling in the heat of the moment.

Inside, you’ll learn:

  • Who you need to contact (with phone numbers and email addresses already laid out)
  • What your immediate next steps should be
  • How to document and report the incident to your insurance carrier
  • What details are critical to have on hand before something goes wrong

This chapter ensures that when you’re hit with a cyber event, you’re not asking, “What do I do now?”—because you’ll already know.

👥 Chapter 8: The Importance of Employee Education

Your employees are your first line of defense, and Chapter 8 dives deep into why education and engagement are critical. A team that understands what a cyberattack looks like—and feels confident raising their hand when something seems off—can prevent a bad situation from getting worse.

You’ll discover:

  • How to create a team-oriented cyber-safe culture
  • What to include in your employee training
  • Why employee involvement in your cyber response procedures is non-negotiable

From phishing emails to ransomware, your team needs to know what to look for and how to act fast—and this chapter gives you the playbook to make that happen.

Your Next Step: Download the Book

If you’ve ever felt unsure about cyber liability insurance or what steps to take if your business is attacked, this book is for you. It’s practical, straightforward, and best of all, it’s free.

📘 [Click here to download Game Over? Not Today now!] 

Get My New Book on Cyber Liability Insurance – Absolutely Free!

https://youtu.be/fumjTg9gVb0

I’ve been working hard behind the scenes, and I’m thrilled to finally share some exciting news — I’ve completed my book on cyber liability insurance, and I want you to have it for free!

The book, titled Game Over, Not Today, is designed to be your roadmap for preparing your office to defend against cyber threats, while also demystifying the coverages found in a typical cyber liability policy.

Through the experiences of two fictional small businesses — Legal Eagles LLC and Helping Hands Chiropractic Corp. — you’ll follow their journeys navigating the cyber landscape using smart risk management practices and the right insurance coverage. I’ve included real-world examples and simple, effective explanations of policy terms and definitions to make even the most complex topics easy to understand. Whether you’re just starting out or looking to strengthen your current protections, this book will help you upgrade your cyber defense strategy.

Why did I write this book?


One of the most common questions I hear from clients and prospects is, “I don’t even know what cyber liability is — why would I need to insure against it or implement cybersecurity systems?” This book answers that question and many others. It was written with the goal of helping you better understand the cyber risks your business faces every day, and why taking action now is so important.

Here’s what you’ll get from the book:

  • A clear understanding of cyber liability insurance
  • Real-life solutions to common cyber exposures
  • Practical steps to enhance your office’s cybersecurity
  • Peace of mind — and it won’t cost you a dime!

In fact, by applying the strategies outlined in the book, you could end up saving money by reducing the likelihood of a cyber claim in your business.

Getting your free copy of “Game Over, Not Today” is easy. 

Click here to download the book now!

Don’t miss out on this opportunity to strengthen your business against today’s growing cyber threats. It’s a quick, valuable read that could make all the difference!

Beware the Phishing Scams: Staying Vigilant in the Digital Age

In today’s digital age, phishing schemes have become rampant, with scammers becoming increasingly sophisticated in their tactics. These malicious activities pose significant risks, including financial loss and identity theft. Understanding how these scams operate and knowing how to protect yourself is crucial in safeguarding your personal information.

How Phishing Schemes Operate

Phishing scams typically involve fraudulent emails that appear to come from legitimate sources. These emails often contain urgent messages designed to trick recipients into providing sensitive information such as social security numbers, credit card details, and login credentials. Common tactics include:

  • Impersonating Trusted Entities: Scammers often masquerade as banks, credit unions, internet service providers, or even government agencies. They create emails that look convincingly real and request verification of personal details.
  • Creating a Sense of Urgency: Many phishing emails claim that immediate action is needed, such as verifying account details to avoid suspension or confirming payment information due to a system update.
  • Using Familiar Branding: Fraudulent emails often incorporate logos and branding elements from legitimate companies to enhance their credibility.

Potential Risks and Damages

Falling victim to a phishing scheme can have severe consequences, including:

  • Financial Loss: Scammers can quickly rack up charges on your credit cards or drain your bank accounts.
  • Identity Theft: Providing personal information can lead to identity theft, causing long-term damage to your credit and financial standing.
  • Data Breaches: Sharing login credentials can compromise your online accounts, resulting in data breaches and unauthorized access.

Importance of Vigilance

Given the increasing frequency and sophistication of these scams, it’s essential to remain vigilant. Here are some tips to help you identify and avoid phishing schemes:

Tips to Identify and Avoid Scams

  1. Verify the Sender: Always check the sender’s email address carefully. Look for slight misspellings or unusual domain names that may indicate a fraudulent email.
  2. Be Skeptical of Urgent Requests: Be wary of emails that create a sense of urgency or pressure you to act quickly. Take the time to verify the request through official channels.
  3. Avoid Clicking on Links: Do not click on links or download attachments from unknown or suspicious emails. Hover over links to see the actual URL before clicking.
  4. Use Two-Factor Authentication: Enable two-factor authentication (2FA) on your accounts to add an extra layer of security.
  5. Educate Employees: If you manage a team, ensure that your employees are aware of these scams and know how to handle suspicious emails.
  6. Consider Cyber Liability Insurance: Cyber liability insurance can provide coverage in the event of a data breach or cyberattack, helping to mitigate financial losses and recovery costs.
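The sender checks from tip 1, as an added example that is not part of the original post: it flags near-miss spellings, digit-for-letter swaps, a trusted name buried inside another domain, and a Reply-To or display name that points somewhere else. The trusted-domain list and every sample header are constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: domains the firm really corresponds with (constructed values).
TRUSTED_DOMAINS = {"examplebank.com", "smithlaw.example", "countycourt.example"}

# Digits that are commonly substituted for look-alike letters.
DIGIT_SWAPS = str.maketrans("0135", "oles")


def sender_domain(header_value):
    """Return the lower-cased domain of an address header, or '' if unparseable."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def is_trusted(domain):
    """A trusted domain or one of its subdomains."""
    return any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS)


def skeleton(domain):
    """Collapse look-alike characters so 'examp1ebank' and 'examplebank' compare equal."""
    return domain.translate(DIGIT_SWAPS).replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Levenshtein distance (insertions, deletions, substitutions)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(from_header, reply_to=None):
    """Return a list of human-readable findings; an empty list means nothing stood out."""
    findings = []
    display_name, _ = parseaddr(from_header or "")
    domain = sender_domain(from_header)
    if not domain:
        return ["no parseable sender address"]

    if not is_trusted(domain):
        for trusted in sorted(TRUSTED_DOMAINS):
            if skeleton(domain) == skeleton(trusted):
                findings.append(f"look-alike characters imitating {trusted}")
            elif edit_distance(domain, trusted) <= 2:
                findings.append(f"near-miss spelling of {trusted}")
            elif f".{trusted}." in f".{domain}":
                findings.append(f"{trusted} embedded in an unrelated domain")

    # A display name that itself shows an address at a different domain.
    shown = sender_domain(display_name)
    if shown and shown != domain:
        findings.append(f"display name shows {shown}, real sender is {domain}")

    # Replies would be routed to a different organisation than the sender.
    reply_domain = sender_domain(reply_to)
    if reply_domain and reply_domain != domain:
        findings.append(f"Reply-To goes to {reply_domain}, not {domain}")
    return findings


# Constructed sample headers: (From, Reply-To).
SAMPLES = [
    ("Jane Smith <jane@smithlaw.example>", None),
    ("Example Bank <alerts@examp1ebank.com>", None),
    ("Clerk of Courts <clerk@countycuort.example>", None),
    ("Example Bank <alerts@examplebank.com.verify-login.example>", None),
    ('"accounts@examplebank.com" <pay@bulk-sender.example>', None),
    ("Jane Smith <jane@smithlaw.example>", "jane.smith@freemail.example"),
]

if __name__ == "__main__":
    for from_header, reply_to in SAMPLES:
        result = check_sender(from_header, reply_to) or ["nothing flagged"]
        print(f"{from_header}\n    " + "\n    ".join(result))
```

An empty result only means these particular checks found nothing; a request for money or credentials still deserves verification through a known phone number, as tip 2 says.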

Phishing schemes are a growing threat, but by staying informed and cautious, you can protect yourself and your personal information. Remember to verify email senders, be skeptical of urgent requests, and avoid clicking on suspicious links. Educating yourself and others about these scams is the first step towards safeguarding against potential risks.

Take the time this summer to enjoy some real fishing—the kind that lets you relax and maybe even catch a meal. Stay safe and vigilant online.

I’m Don I, Your Insurance Guy!

Have any questions about the topic discussed in this blog post? Contact us today! 412.563.2106

Personally Identifiable Information (PII) and Its Importance In Protecting Small Firms

In today’s digital age, protecting Personally Identifiable Information (PII) is not just a necessity for large corporations but a critical task for small firms as well. The rise in cyber threats has made PII protection paramount for businesses of all sizes. But what exactly is PII, and why is it so crucial for small firms to safeguard it?

Understanding PII

PII refers to any data that can be used to identify a specific individual. This includes names, addresses, phone numbers, social security numbers, and more. For small firms, this information is often collected from customers, employees, and even business partners. The protection of this data is essential in maintaining trust and ensuring compliance with various regulations.

The Growing Threat of Cyber Attacks

Cyber threats are becoming increasingly sophisticated, and small firms are not immune. In fact, small businesses are often seen as easy targets by cybercriminals due to their sometimes lax security measures. A single breach can lead to significant financial loss, legal repercussions, and a damaged reputation.

Why PII Protection is Crucial for Small Firms

  1. Trust and Reputation: Customers trust businesses with their personal information. A breach can shatter this trust and damage the firm’s reputation.
  2. Compliance: Various regulations require businesses to protect PII. Non-compliance can result in hefty fines and legal issues.
  3. Financial Protection: Data breaches can be costly. Protecting PII helps prevent financial losses associated with cyber attacks.

Engaging and Informative Resources

To illustrate the importance of PII protection, we’ve created a video featuring “Don I, Your Insurance Guy!” Don breaks down complex insurance topics into simple, easy-to-understand segments, making it clear why PII protection is a must for small firms.

Don’s engaging explanations and real-world examples will help you understand the critical steps needed to protect your business from cyber threats.

In summary, PII protection is not just a regulatory requirement but a business imperative. By taking proactive steps to safeguard personal data, small firms can prevent cyber attacks, maintain customer trust, and ensure long-term success. Stay informed, stay protected, and ensure that your business is a fortress against cyber threats.

For more information and detailed guidance, contact us today! Protecting PII is an ongoing effort, and staying vigilant is the key to safeguarding your small firm.

Real-life Cyber Claim Examples: The Importance of Cyber Insurance

It seems as though everyone likes to hear a good war story and it is no different when it comes to cyber claims. Besides price, it may be the most asked question I hear – What kind of claims are being filed? Can you give me an example of a claim to show that this is real and I should be buying a policy? So, let’s delve into this topic and let me tell you a couple of real-life cyber claim scenarios:

War Story 1: The Case of Accidental Data Loss

A small law firm lost all of their data, including backups, from a shared office space when the IT administrator formatted the hard drive on the office equipment. The firm, which had three lawyers, was operating inside unused space at a larger firm. As part of the arrangement, the smaller firm also used the IT systems of the larger firm.

In an effort to segregate the data of the smaller firm, the larger firm gave them access to their own file server, which was normally used for email only. The server began having issues, so the IT administrator backed up the emails on the server, formatted the hard drive, and reinstalled all the software. Unfortunately, the IT administrator did not remember to back up the data from the smaller firm before formatting the hard drive.

The firm suffered an interruption of operations as a result and incurred significant expense to recover the data manually. In this case, the damages and loss are as follows:

  • Data Restoration Expense: $23,000
  • Loss of Billable Hours: $8,900

War Story 2: The Case of Accidental Data Breach

A law firm handling Qui Tam cases suffered an accidental data breach resulting in legal liability and disciplinary proceedings for alleged ethical violations. The firm used a cloud storage service for all firm data. The cloud storage provider offered two tiers of service to clients, free and premium.

Data in the “free” storage service is searchable and can be downloaded by other customers. The firm neglected to pay their renewal fees for the “premium” service, so the firm’s account reverted to the “free” service and all of the firm’s data was searchable and available online for several months. During that time, numerous parties downloaded the details of a sensitive whistleblower case.

As a result, the firm faced a lawsuit from the former client in the whistleblower case as well as a disciplinary proceeding. Several other suits from other current and former clients are also pending. In this case, the damages and loss are as follows:

  • Notification Expense: $27,000
  • Defense Expense: $305,000
  • Damages: $2,150,000
  • Fines & Penalties: $120,000

Note: pending suits from other clients are not included in loss amounts listed above.

These examples illustrate the real-life implications of not having a robust cyber policy. In today’s digital age, where data breaches and cyber attacks are becoming more common, having a comprehensive cyber insurance policy is not a luxury, but a necessity. It’s time to take a proactive approach to protect your firm and clients from potential cyber threats.

Maximizing Your Cyber Insurance: Understanding the Full Range of Protection

Most of the calls I receive about cyber insurance are for Fraudulent Funds Transfer. This seems to be what the caller is most interested in, and for good reason, especially if your profession is in the area of law, real estate, or title/escrow work. However, the cyber policy is much more than just fraud transfer coverage.

The policies are usually what I consider a program or a suite of coverages made up of first- and third-party benefits and a strong risk management team. Several of the carriers that write cyber insurance will perform or run an analysis of your website/online presence and identify weaknesses that exist and exposures that may lead to a cyber attack or event. The carrier prepares a report that will not only identify the weaknesses but will also offer suggestions on how to correct or eliminate the exposure. They will also rank or compare your cyber situation and scan results to other companies of similar size and industry, allowing you to see if you’re keeping up with others in your industry in keeping your business, your clients and your customers safe from cyber attacks.

Other benefits provided by most cyber policies include:

Notification costs. Did you know that the government requires you to notify your customers in the event you have a cyber attack and personal/confidential data is compromised? Think of how many files you have. It won’t be cheap to notify and complete this task.

Ransomware. Think you’ll never become a victim of this because your office is too small, and you don’t have or keep large amounts of personal confidential information? Think again. Everyone is a target for this type of claim. A hacker breaks into your computer system and stops your ability to use it or shuts down the entire system unless you pay XX amount of dollars. How long can your office run with no access to your computer system?

Fraudulent transfer of funds, risk management team services, a strong claims team, notification costs and ransomware coverage only scratch the surface of what coverages/benefits are provided in most cyber policies. Although you may only have interest in one or two of these, you need to be aware of all the coverages available to you in your cyber policy. Rarely in a cyber claim is only one benefit/coverage part triggered. Usually several parts come into play. Don’t short yourself by not knowing all of the coverages and assistance that are available to you under your policy. Read it and call your broker and/or the risk management team of the program with your questions.