Obligatory coverage clauses
- Data breach incident response (1st Party)
- Network security, privacy and data breach liability (3rd Party)
- Regulatory liability (1st Party)
Optional coverage clauses
- PCI DSS Fines and assessments (1st Party)
- Business Interruption (1st Party)
- Data Restoration (1st Party)
- Cyber Extortion (1st Party)
- Media Liability (3rd Party)
Optional coverage extension
- Social Engineering (1st Party)
DATA BREACH INCIDENT RESPONSE
Providing our customers with a hotline and email address for a top breach response law firm (in South Africa this is Clyde & Co.), who will liaise directly with the Insured and appropriate vendors to discuss the initial investigation of the event and coordinate the response plan. They will advise the Insured on the following:
- Engagement of forensic and IT security vendors to investigate the scope of the breach and provide expert response guidance;
- Identification of mandatory notification requirements;
- Assessment of voluntary notification options;
- Agreement of notification strategy / plan;
- Appointment of Call Centre / Credit Monitoring service providers;
- Public relations services;
- Mitigation of potential 3rd party liability
NETWORK SECURITY, PRIVACY AND DATA BREACH LIABILITY
Protecting our customers for costs to defend and resolve liability claims as a result of a security or privacy event. This includes:
- Theft or altering of data;
- Virus or malware attack;
- Denial of service attack;
- Other loss of data from systems;
- Failure to meet privacy requirements of clients;
- Failure to protect
For example, if the credit card information of thousands of an Insured’s customers were compromised following a malware attack and a class action lawsuit was filed, this insuring clause would apply and provide the Insured with defence costs and indemnification for all insurable damages.
REGULATORY LIABILITY
Covering our customers’ regulatory fines (when legally permissible) and associated legal costs following a security or privacy event. This includes:
- Theft or altering of data;
- Virus or malware attack;
- Other loss of data from
For example, our customer suffers a theft of data. What comes next? This coverage covers the Insured’s legal costs incurred to determine if notification to a regulator(s) is required, assist with preparing the notification, guiding the Insured through any subsequent regulatory investigation, and preparing responses on their behalf.
In addition, this coverage will cover the Insured for any fines or penalties the regulators may impose, to the extent insurable by law.
PCI FINES AND ASSESSMENTS
Covering our customer’s contractual fines and associated legal costs following a security or privacy event that affects payment cards. This includes:
- Theft or altering of data;
- Virus or malware attack;
- Other loss of data from
The Payment Card Industry Data Security Standard (PCI DSS) applies to companies of any size accepting credit card payments. If an Insured experiences a security breach and is found to be non-compliant with PCI rules, they may be subject to fines. These fines, depending on circumstances, may be anywhere from US$5,000 to US$100,000 every month until all compliance issues are addressed and remediated.
BUSINESS INTERRUPTION
Covering our customers’ loss of income following a security or privacy event. This includes:
- Theft or altering of data;
- Virus or malware attack;
- Denial of service
As an example, a government department receives a phishing email; an employee clicks on URL links in this email and infects the government network with ransomware. Government operations are halted, causing chaos and quickly incurring increasing costs.
DATA RESTORATION
Covering our customers’ costs for data restoration or recompilation following a security or privacy event. This includes:
- Theft or altering of data;
- Virus or malware attack;
- Denial of service
Software and data can be rendered useless after a cyber-attack, and restoring them can be costly, for instance where a ransomware attack has encrypted data. If the Insured has taken a recent backup of data, it is possible to restore from this backup; however, this can be costly and entails bringing in forensic specialists to discover the extent of the ransomware and guide the restoration process.
CYBER EXTORTION
Covering the costs incurred following a cyber extortion threat. This includes:
- Extortion following a ransomware attack;
- Extortion threatening a denial of service attack e.g. on customer’s website;
- Extortion threatening the take down of a key production
Typically, ransomware has been aimed at smaller companies and individuals. An example is the WannaCry ransomware attack. This attack targeted computer systems running Microsoft Windows operating systems by encrypting data and demanding a Bitcoin payment. The attack took advantage of a weakness in older Windows operating systems. Microsoft had released patches to address the weakness; however, many companies worldwide had not patched their systems, and many organisations faced hours of downtime. It was estimated that more than 200,000 computer systems across 150 countries were affected by the attack.
MEDIA LIABILITY
Protecting our customers for costs to defend and resolve liability claims as a result of a media wrongful act in the course of releasing any content on their website or via social media. This includes:
- Defamation, slander, libel, trade libel or product disparagement;
- Invasion of privacy, intrusion upon seclusion or misappropriation of likeness, picture, name or voice;
- Copyright or trademark infringement;
- Plagiarism, piracy or misappropriation of ideas;
- Domain name
An example of a claim under this coverage would be an Insured who was sued for allowing access to music or movie clips on its website, on the allegation that the Insured had not sought the right to share these in line with copyright laws.
CYBER CRIME / SOCIAL ENGINEERING EXTENSION
Covering our customer’s financial loss relating to a social engineering event, for example a phishing event whereby an employee or director is fraudulently instructed to move company funds to another bank account, resulting in a financial loss.
This is a significant coverage extension. Events of this nature are, sadly, commonplace, with criminals continually coming up with new and innovative ways of tricking innocent employees and directors.