E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by Bennett Gold LLP, Chartered Accountants

Effective December 31, 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering articles from the period 1999 to 2012.


Source: ZDNet

Posted on October 29, 2012

First and third party liability are what large IT vendors usually look for in cyberinsurance, but with the heavy damage from a large-scale security breach, IT vendors are increasingly looking for privacy extensions and data breach crisis response coverage, industry watchers note.

According to Jody Westby, CEO of Global Cyber Risk Group and adjunct professor at Georgia Institute of Technology's School of Computer Science, IT vendors are increasingly concerned about having adequate first and third party liability coverage.

First-party coverage is for direct losses experienced by the insured such as recovering lost or destroyed data, notification, monitoring and forensic investigation expenses, and business interruption losses, Ian Pollard, Asia-Pacific and Far East regions vice president of Financial Lines at Chartis, explained.

On the other hand, third-party coverage insures policyholders against losses incurred by customers, credit card companies and banks, and any legal damages that is third party liability for privacy breaches such as notification and regulatory costs coverage for fines and penalties, he added.

Their growing concern comes in light of breaches and security incidents involving theft of confidential and propriety data giving companies a "heightened awareness" of these threats, Westby explained. As companies increasingly turn to cloud and outsourcing as a means of controlling costs, they also become the key targets of cybercriminals because they have rich repositories of data, she added.

Demand for privacy, reputation damage coverage

That said, large IT vendors have also become interested in insurance products with privacy extensions, Rick Betterley, president of Betterley Risk Consultants, observed.

This protects the company against the defect, deficiency or inadequacy in their product or service in the contract, Veronica Sommariba, senior vice president and technology manager for commercial insurance at Chubb Group of Insurance Companies, explained.

"They are concerned about protecting their company against lawsuits alleging errors, including those that result in a security breach of their customers' systems," Betterley said.

Such privacy extensions also provide additional coverage for a breach of their own system, which is becoming more important as regulators "crack down" on breaches and as customers ask for insurance protection from IT vendors, he added.

Data crisis response coverage, whereby the insurer has direct access to a public relations specialist and legal firms in the event of a breach, is also becoming increasingly popular, Pollard added.

Betterley agreed crisis management benefits are increasingly becoming a criteria for insurers so they can restore their reputation. The reputation damage from a breach can be "extremely severe", especially for large companies who are keen to preserve their "names within the industry", he explained.

With the proliferation of social media and forums, some IT vendors also look for media content insurance coverage, which responds to online defamation of their brand names and infringement of intellectual property rights, Pollard pointed out.

He was responding to the introduction of an insurance policy aimed at U.K. consumers by information privacy company ALLOW, which pays up to 10,000 (US$16,200) for identity theft, account hijacking and reverse search engine optimization (SEO) to bury negative content.

One recent example of a brand suffering a potential reputation hit from a cyberattack, saw hackers gaining control of Reuters news agency's blogging platform and Twitter account in August posting a false story and a stream of false Tweets over issues in the Middle East.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold Chartered Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.