I work for a small to mid-sized CPA firm. We employ the standard security procedures: Firewall, password complexity requirements, Anti-virus protection and the like. The partners have been offered a cyber liability policy that is specific to CPAs.<\/p>\n
Advertisement
What are your thoughts? Should a firm this size be covered outside of our General Liability policy?<\/p>","upvoteCount":8,"answerCount":15,"datePublished":"2011-06-13T08:24:51.000Z","author":{"@type":"Person","name":"suzannemrose","url":"https://community.spiceworks.com/u/suzannemrose"},"acceptedAnswer":{"@type":"Answer","text":"
Advertisement
Well I would say that based on what you posted Suzanne and what Huw wrote it would seem this is supplemental liability insurance specifically aimed at the “unique” liability scenarios that can occur int he digital realm. It seems to me this would be a pretty wise idea, especially if you do not keep all data in house (use cloud based or SaaS services) You could still sustain a breach internally, but you know what safeguards you have in place and you are not as high a a target as someone who houses lots of information as opposed to just your own businesses, and as evidenced by security breaches of data recently the clients are still responsible for data breaches and cost associated with them even if a third party provider was the one that was hacked.<\/p>","upvoteCount":0,"datePublished":"2011-06-14T08:36:45.000Z","url":"https://community.spiceworks.com/t/do-we-need-cyber-liability-insurance/91462/9","author":{"@type":"Person","name":"alex3031","url":"https://community.spiceworks.com/u/alex3031"}},"suggestedAnswer":[{"@type":"Answer","text":"
I work for a small to mid-sized CPA firm. We employ the standard security procedures: Firewall, password complexity requirements, Anti-virus protection and the like. The partners have been offered a cyber liability policy that is specific to CPAs.<\/p>\n
What are your thoughts? Should a firm this size be covered outside of our General Liability policy?<\/p>","upvoteCount":8,"datePublished":"2011-06-13T08:24:51.000Z","url":"https://community.spiceworks.com/t/do-we-need-cyber-liability-insurance/91462/1","author":{"@type":"Person","name":"suzannemrose","url":"https://community.spiceworks.com/u/suzannemrose"}},{"@type":"Answer","text":"
This is probably a question for the lawyers at this point. I don’t know what amount of liability you incur from handling the data that you do. You could also take a look at your General policy and see what it covers. It might be worth contacting your liability company to see if they’ll give you that information in writing since most reps will just give you a verbal, “Yeah, we cover that”, which is worth as much as the paper it is printed on…<\/p>","upvoteCount":0,"datePublished":"2011-06-13T10:01:47.000Z","url":"https://community.spiceworks.com/t/do-we-need-cyber-liability-insurance/91462/2","author":{"@type":"Person","name":"kelly","url":"https://community.spiceworks.com/u/kelly"}},{"@type":"Answer","text":"
What cyber liability could you incur that would not be covered by your Public Liability Insurance… Indeed what point would there be in having Public Liability Insurance that didn’t cover your online activities? Are those online activities clearly stated in the proposal form your company submitted to obtain their liability insurance?<\/p>\n
Sounds like a bit of a scam to me. In the UK this might even be a risk in itself - double insuring a liability can lead to all sorts of problems, and may even mean you are not insured at all…<\/p>","upvoteCount":0,"datePublished":"2011-06-13T23:55:15.000Z","url":"https://community.spiceworks.com/t/do-we-need-cyber-liability-insurance/91462/3","author":{"@type":"Person","name":"brianwright9699","url":"https://community.spiceworks.com/u/brianwright9699"}},{"@type":"Answer","text":"
Very interesting topic, I would be very curious are you privy to what the language of the current liability insurance is and or the language of the Cyber liability policy? What exactly does the Cyber liability policy cover?<\/p>","upvoteCount":0,"datePublished":"2011-06-14T07:15:11.000Z","url":"https://community.spiceworks.com/t/do-we-need-cyber-liability-insurance/91462/4","author":{"@type":"Person","name":"alex3031","url":"https://community.spiceworks.com/u/alex3031"}},{"@type":"Answer","text":"
Thanks for the input. I do not have access to the current General/Professional Liability policy, so I cannot speak about what it covers. But here is the wording from the Cyber Liability policy info:<\/p>\n
“2 significant enhancements to the network risk and privacy claim coverage currently included in the AICPA Professional Liability Insurance policy”<\/p>\n
\n
\n
Privacy Event Expense Coverage - Reimburses you, up to the limit of liability, for reasonable and actual costs incurred if you sustain a privacy breach. Includes the cost to: comply with notice law, including notifying affected individuals by 1st class mail; procure credit monitoring on behalf of individuals affected; manage or respond to unfavorable publicity; manage relationships with regulatory authorities or law enforcment; remediate a risk control deficiency that may have contributed to a breach.<\/p>\n<\/li>\n
\n
Network Damage Claim Coverage - responds if a claim brought by non-clients results from an unauthorized use of your network to attack or damage another’s network alleging the following, if caused by you; the unscheduled and unplanned inability to gain access to their network; damage to information residing on their network; the suspension or interruption of their network.<\/p>\n<\/li>\n<\/ol>","upvoteCount":0,"datePublished":"2011-06-14T08:16:45.000Z","url":"https://community.spiceworks.com/t/do-we-need-cyber-liability-insurance/91462/5","author":{"@type":"Person","name":"suzannemrose","url":"https://community.spiceworks.com/u/suzannemrose"}},{"@type":"Answer","text":"
I work for a UK Insurance broker.<\/p>\n
I have spoken to one of the people at the sharp end who have said that Cyber liability cover specifically deals with risks that would not normally be covered by your standard public liability cover, so you wouldn’t be double insured.<\/p>\n
From our website:<\/p>\n
\"Cyber crime is one of the fastest growing crimes. Risks such as hacking, information misuse, fraud and virus transmission can seriously damage your business.<\/p>\n
What is Cyber Liability Insurance? \nCyber Liability Insurance addresses risks associated with e-business, the internet, networks and information assets.<\/p>\n
When do I need Cyber Liability Insurance? \nAnyone with a web site now has the legal liabilities of a publisher. Companies that venture into the World Wide Web face liability exposures that are emerging, evolving and are complex.<\/p>\n
Almost every company has some kind of network, database or online presence that puts it at risk for litigation. If you have a website, you could be targeted for violating copyright. You could be liable for slander or defamation due to information posted on a blog or a social networking site by an employee.<\/p>\n
What does Cyber Liability Insurance cover? \nCL insurance can cover:<\/p>\n
\n
Network or website damage<\/li>\n
Breach of Privacy<\/li>\n
Fraud<\/li>\n
Virus transmission<\/li>\n
Infringements of intellectual property rights<\/li>\n
Defamation<\/li>\n<\/ul>\n
Examples of claims that can be made<\/p>\n
\n
Breaches of confidentiality<\/li>\n
Breaches of privacy due to comments circulated via the internet or email<\/li>\n
Libel and slander due to email or website content<\/li>\n
Misleading advertising \n\"<\/li>\n<\/ul>\n
As you’re in the US, perhaps this might be of help? CFC are one of the Underwriters we use in the UK.<\/p>\n
