MEDIA ADVISORY: I.I.I. Has Experts, and a New White Paper, on Cyber Risks and Insurance Coverage

FOR IMMEDIATE RELEASE New York Press Office: (212) 346-5500; media@iii.org

NEW YORK, July 14, 2014 — Reporters covering the issue of cyber risk are encouraged to contact the Insurance Information Institute (I.I.I.) and read the institute’s new white paper: Cyber Risks: The Growing Threat.

The 27-page report was co-written by Dr. Robert Hartwig, president of the I.I.I. and an economist, and Claire Wilkinson, author of the I.I.I.’s award-winning Terms+Conditions blog. The paper notes that neither a commercial general liability (CGL) nor a standard business owner’s policy (BOP) generally offers coverage after a cyber-attack.

The 2014 Allianz Risk Barometer Survey found that cyber risks ranked eighth when Allianz did its annual survey of global business risks, the first time the issue made it onto their Top 10 list.

Stand-alone cyber risk policies cover many of the expenses that emerge from the cyber theft of personal information, or trade secrets, according to the I.I.I.’s white paper. The coverages include:

• Business Interruption: Covers loss of business income resulting from a cyber-attack on a company’s network that limits its ability to conduct business.
• Criminal Rewards: Covers the cost of posting a criminal reward fund for information leading to the arrest, and conviction of, a person(s) who has hacked a company’s computer systems.
• Crisis Management: Covers the cost of retaining public relations assistance, or advertising, to rebuild a company’s reputation after a cyber-attack.
• Cyber Extortion: Covers the monies expended to settle an extortion threat against a company’s cyber network, as well as the cost of hiring a security firm to track down and negotiate with blackmailers.
• Data Breach: Covers the expenses and legal liability resulting from a data breach, such as the costs needed to comply with regulatory requirements, or to address customer concerns. The I.I.I.’s white paper cites three high profile cyber-attacks in the U.S. in 2014. One occurred at eBay (May), and the others at Michaels Stores (February), and Neiman Marcus (January).
• Identity Theft: Covers the costs associated with creating an identity theft call center in the event customer or employee personal information is stolen.
• Liability: Covers defense costs, settlements, judgments and/or punitive damages incurred by a company as a result of a data theft, transmission of a computer virus, failure of its computer security system, as well as allegations of copyright or trademark infringement, libel, slander and defamation.

THE I.I.I. IS A NONPROFIT, COMMUNICATIONS ORGANIZATION SUPPORTED BY THE INSURANCE INDUSTRY.
Insurance Information Institute, 110 William Street, New York, NY 10038; (212) 346-5500; www.iii.org