In our increasingly online and digital world, every company faces potential “cyber risks.” It’s a term that’s used frequently and a topic of the daily news cycle. Cyber risk represents two major perils: network security failure and privacy incident, which simply means an organization’s failure to protect its computer systems or private information, or both. A network security failure or a privacy incident can be totally intertwined or mutually exclusive. If either of these incidents occur, your organization can suffer various losses.
Starr’s Cyber Risk Response policy addresses many of the common repercussions that organizations face as a result of cyber risk perils. We provide protection for losses with a comprehensive policy form that’s designed to pay for expenses sustained by your organization from an actual or suspected network security failure, or privacy incident.
The policy also provides defense costs, and pays for damages that arise from legal liability stemming from these types of incidents.
- Commercial enterprises including public, private and nonprofit entities
- Incident Response Expenses – Pay the expenses sustained by your organization to:
- Contain a network security failure or privacy incident
- Retain legal counsel, forensic investigators and public relations professionals to help determine your responsibilities
- Notify affected people and provide identity theft assistance
- Security & Privacy Liability – Pay to defend you in the event of:
- Class actions by customers whose personal information has been compromised
- Regulators bringing investigations for violating a law relating to these types of incidents
- Business Interruption – Reimburse the loss of income for interruption or suspension of business
- Data Recovery – Reimburse the costs to restore, recreate or recollect lost electronic data
- Cyber Extortion – Reimburse payouts made in exchange for eliminating a threat or demand made against your organization’s computer system or private information
- Media Content Liability – Pay to defend in the case of liability arising from alleged trademark infringement, copyright infringement, defamation, false light, product disparagement and other types of content related issues
- PCI-DSS Assessment Coverage – Pay for loss arising from claims for non-compliance with PCI Data Security Standards
- Contingent Business Income Loss – Reimburse for loss of income after a material business interruption caused by a security failure of any entity that you depend on to conduct business other than a third-party computer system provider
- System Failure Coverage – Expands the cause of a material interruption to include other unintentional failures
- Cyber Crime – Reimbursement for the loss of the organization’s funds sustained from a network security failure or fraudulent impersonation
- Contingent Bodily Injury / Property Damage – Provides contingent coverage in the event that a network security failure or privacy incident result in physical injury or property damage
- Up to $25,000,000 - primary or excess limits
- Shared or separate limits available
- Minimum $5,000
- Bespoke customizable coverage – highly adaptable program which includes manuscript endorsements
- Available on Admitted or Non-Admitted basis
- Can be packaged with Technology Errors & Omissions Coverage
- Responds on a discovery basis - no retroactive date; will maintain continuity dates of prior coverage
- Knowledge limited to executive officers
- Rogue employee carve-back
- Coverage for third-party computer services providers, information handlers and contingent business partners
- Cyber Terrorism Coverage
- Impacted Individuals Limit with Supplementary Incident Response Expenses
- Initial Incident Response Expenses
- Regulatory Proceedings Coverage to contemplate – GDPR, CCPA and other similar regulation
- Wrongful Collection extension
- Reputational Loss Coverage
- Non-Physical Damage Loss of Use (Bricking) Coverage
- Voluntary Shutdown for Business Interruption extension
- Betterment carve-back either to minimize loss or due to electronic data or equipment being unavailable
- Contingent Bodily Injury Coverage
- Invoice Manipulation Coverage
- Crypto-jacking Coverage
- Workplace Violence Coverage
- Claims Avoidance Costs Coverage
- Financial Investigative Expenses Coverage
- Reputational Risk Coverage
- Other Insurance Clause options – primary or excess to other insurance policies
- E-Discovery Services extension
- Law Enforcement Cooperation extension
- Criminal Rewards extension
- Legal consultation with a pre-qualified attorney following an incident
- Incident Roadmap to assist in planning a network or data breach incident response
- Access to pre-qualified industry experts in pre-breach and post-breach disciplines
- Risk management tools, including policies and procedures, training, cyber-risk assessments, loss calculator, breach notification guides and research tools
- Access to news on major breach events, best practices articles, white papers, webinar training events, risk management events, and security and privacy blogs
- Opportunity to access a complimentary external network vulnerability scan of up to 50 IP addresses
- Provides a report of threat exposures and criteria for risk prioritization to facilitate timely mitigation of risk to ensure assets are protected
- Vulnerability scans are powered by insightVM, Rapid7’s best-in-class vulnerability platform technology
- 30-minute scan readout to review the following reports: Executive Summary, Top 25 Remediation Report, CVA Output, Technical Details and Remediation Plan
Coverages described herein are underwritten by Starr Indemnity & Liability Company or Starr Surplus Lines Insurance Company. Starr Insurance is a marketing name for the operating insurance and travel assistance companies and subsidiaries of Starr International Company, Inc. and for the investment business of C. V. Starr & Co., Inc. and its subsidiaries. The coverages described in this document are only a brief description of available insurance coverage. It is intended for general information purposes only and does not provide any guidance regarding specific coverage available or any claim made thereunder. Any policy described herein will contain limitations, exclusions and termination provisions. Not all coverages are available in all jurisdictions. For costs and complete details of specific policy coverage, please contact an insurance professional by sending an email to the address provided above.