Cyber Liability Insurance
In 2010-11 India was the 10th most heavily cyber-attacked country; today it is second only to United States. With internet usage rising exponentially; from 202 Million users in March 2010 to 412 Million in March 2011 to 485 million in March 2012, India is now second only to China in the number of devices (including cell phones) connected to the internet.
This also makes India uniquely vulnerable. Intelligence sources say that, in the recent past, malicious activities against Indian networks have originated from hosts in around 20 countries: emphasising the amorphous nature of cyber-attack, sources clarify that these could have been routed through those countries without the hosts even being aware of this activity. During the same period, several attacks abroad were detected as originating from hosts located in India. Keeping this in mind and recent incidence, now the government is rolling out an extensive policy.
Cyber liability insurance coverage is designed to protect IT businesses against liability and expenses arising from the theft or loss of data, as well as liability and expenses arising from a breach of data security or privacy, particularly when you are hosting client information. While your clients should carry their own cyber liability for the data and personally identifiable, confidential information stored on their servers, IT firms are wise to protect themselves with their own third-party coverage as well.
Cyber liability refers to an IT firm's liability when it is responsible for the security and privacy of a client's data stored on the IT firm's servers. Cyber liability insurance policies typically include coverage for:
- 'Denial of service' attacks or inability to access websites or systems
- Unauthorized access to, use of, or tampering with confidential data
- Disclosure of confidential data (invasion of privacy)
- Loss of data or digital assets (malicious or accidental)
- Introduction of malicious code or viruses
- Cyber extortion or terrorism threats
- Personal media injury (defamation, libel, or slander) from electronic content
- Regulatory action, notification, or defense expenses
- Crisis management and public relations expenses
- Data or system restoration
- Business interruption expenses