A Quick Guide to Cyber Insurance
In the era of the “Internet of Things”, every enterprise is exposed to cyber risks. According to CERT Polska reports, the number of cyber incidents in which this institution was involved increased from 3,738 in 2018 to 6,484 in 2019. It can be assumed that in 2020, in which the COVID-19 pandemic contributed to the spread of remote work and many processes to cyberspace, this growth must accelerate. Let’s see what consequences a cyber security breach can have on the company’s operations.
In 2019, data on 500 servers and 2,700 computers of Norsk Hydro, one of the largest aluminum producers in the world, was encrypted, resulting in the temporary shutdown of numerous plants in the US and Europe. The company refused to pay the requested bitcoin ransom and rebuilt its systems for many months. The crisis cost them over $ 60 million, although the Norwegian company even considered the possibility of bankruptcy due to inability to fulfill orders.
In 2018, the Polish online store Morele.net fell victim to a hacking attack, as a result of which the personal data of 2 million customers was stolen. The Personal Data Protection Office imposed a fine of PLN 2.8 million on the company for inadequate security and lack of procedures in such a situation. Since the introduction of the GDPR regulations in May 2018, to January 2020, over 7,000 personal data breaches have been notified to the Personal Data Protection Office. Recently, even more spectacular incidents have occurred in the EU countries, with fines imposed by regulators reaching up to EUR 50 million.
GrECo Polska recommends cyber insurance to its clients, which in such crisis situations will provide appropriate assistance of experts. They will help you react appropriately and the insurance will cover a number of first party costs (legal services, data restoration, IT investigators, PR, business interruption, payment of penalties imposed by the Personal Data Protection Office or even payment of the demanded ransom), as well as third party compensation resulting from liability for personal data breach, commercial information and network security.
Author:
Piotr Rudzki
Financial Lines Practice Leader, GrECo Polska
Last Updated on February 12, 2021 by Łukasz