I’ve been contacted by the Information Commissioner’s Office about an information complaint, what shall I expect to happen?
It is important to know the procedures that will be followed after an information complaint is made. Keep all the relevant correspondence and the required information ready. The case officer may need to see the disputed information which will not be passed on to the requester/complainant.

Can you insure against cyber attacks, privacy data breaches, virus & hack threats?
Yes, there are a number of products on the market which you can invest in to insure against these risks. Understand the organisation’s need and then choose an appropriate insurance policy cover.

Is our current insurance policy likely to cover us for cyber losses?
It is unlikely that a standard policy would cover a direct loss to yourselves, however there are policies that cover legal and settlement claims after incidents like data breaches. While most of the insurers provide cover to restore systems and operations after an incident, some may also supply useful services like forensics services or public relations support.

Do I need Cyber Insurance?
Whilst it’s not currently a legal requirement we recommend to anybody that uses IT in any capacity should consider their risk exposure and decide if cyber insurance is required for the business.

Why do I need Cyber Insurance? How does it benefit me and my business?
Most industries now heavily rely on technology, leading to IT becoming a core factor for the smooth running of the business. Any cyber incident against the IT assets of your company can cripple your business leading to huge financial losses from damage recovery, legal settlements and fines. Cyber insurance can, to an extent, support your business to recover from the damages and help financially when needed.

What sort of things does basic Cyber Insurance cover in general?
A standard cyber insurance package should cover the following elements: Legal liability cover, which should provide legal aid to in the event of attack/breach, cost incurred to return the business to operational, notification and forensics services, public relations firm coverage and penalties

What is the difference between first party and third party coverage?
First party cover refers to insurance to protect your own business exposure and costs. Third party cover provides insurance when a data breach occurs on a third party’s network or systems. It covers legal expenses that result from a company being blamed for causing a client’s losses.

I use social media to market my business. Is that covered too?
Cover is available for incidents relating to social media, however, each insurer takes their own view on this subject area and the level of cover provided.

If I have cyber insurance, which security practices do I no longer need?
You will still need to have strong security in place, such as anti-virus and risk management. Cyber insurance should not be relied on, as it will not prevent a data breach or attack. Make sure to take proactive actions to prevent an attack by placing right security controls and the cyber insurance will act as an added layer of protection against your financial losses from the attack.

Are we still responsible if there is a breach to our system?
Yes, protecting customer information is your organisation’s responsibility and you are liable for any losses and will have to pay any fines or fees resulting from legal actions.

Which industries/sectors require cyber insurance?
For any organisation, within any industry, which relies on their IT systems to trade, conduct their business, maintain records or handle personally identifiable information (PII) may require a cyber insurance cover.

Does cyber insurance cover breaches relating to websites? (Such as defacement, etc.)
Yes. This type of insurance can also provide cover for the loss of profit following events such as a DDoS attack, specific defacement of a website of intellectual property rights infringement.

I don’t store any customer information on my network, do I still need cyber insurance?
If this data is being transmitted in any way, cyber insurance policies will generally cover any data breaches which occur via the transmission of the data like loss/theft of electronic storage devices.

What sort of things does basic Cyber Insurance cover in general?
A standard cyber insurance package should cover the following elements: Legal liability cover, which should provide legal aid to in the event of attack/breach, cost incurred to return the business to operational, notification and forensics services, public relations firm coverage and penalties.