Insurance Can Be Purchased for Cyberattacks, But Figuring Out What to Cover Can Be a Challenge
Posted Jan 24, 2012 05:39 pm CST
If a law firm or client is hit hard by a cyberattack, their worries aren’t limited to data recovery and computer hardware and software that may have to be repaired or replaced.
Lawsuits and regulatory fines could also result, as well as damage to the reputation of the business, reports Computerworld.
That’s why a growing number of insurers are offering policies to cover such damage–sometimes at a price that the magazine calls “staggering.”
Comprehensive general liability insurance policies and even some cyberpolicies don’t cover all of the costs, however. Coordination between information technology experts and those in charge of the firm is crucial to ensure adequate coverage for both equipment and risks that likely would result from a hack attack, for those who opt to purchase such insurance.
Some argue that it is more important to focus resources on preventing damage than repairing it after the fact.
Insurance can’t put a company’s reputation back in place and fully restore customer goodwill after a cyberattack, says executive director Hord Tipton of Systems Security Certification Consortium, a nonprofit that has opted to go bare on such coverage. Likewise, “a company,” he says, “should not let complacency set in just because they are insured.”
ABA Journal: “Cyberspace Under Siege”
ABA Journal: “Safe in the Cloud? Online Service Risks Need Care and Coverage”
ABAJournal.com: “Zombie Servers Put Law Firm in Midst of Internet ‘Litigation’ Blitz”
ABAJournal.com: “Law Firms Overlook Vulnerabilities to Cyberattacks, Panel Says”