Blog.
Why doesn’t my PI cover me for cyber liability?
November 13th, 2017This is a common question that is raised by our clients and a misconception that a professional indemnity policy covers you should a data breach occur. But why? A professional indemnity policy is designed to cover errors and omissions that arise from the negligence of an individual. Whereas a cyber liability policy is designed to cover errors and omissions arising from the theft/loss of data and/or systems.
Key differences;
A Professional indemnity policy will cover the costs for a third party should a breach occur. Professional indemnity will allow mean that the of compensation and other costs to third parties once a breach has occurred. A professional indemnity policy will cover the breach of confidentiality and claims that arise from third parties due to this event.
Whereas…
A cyber policy will cover both the first party and third party costs. A cyber liability policy will cover the costs that are incurred by the business should a breach occur. For example, a cyber policy will cover the business interruption costs and the cost of reinstalling a system should it go down as well as the cost that is incurred from a third party claim against the business. Cyber liability policies have the ability to cover all 1st party costs that are associated with a cyber/ data breach. For example, a cyber policy is able to cover the cost of forensic investigation and system rectification costs as well as covering the costs of business interruption.
Professional indemnity isn’t a specialised policy that is designed to cover these costs that are associated with your business. a professional indemnity policy will cover costs that are incurred on a third party due to an act of negligence or an omission occurring. This type of insurance can cover all types of incident. Whereas a cyber liability policy focuses on the costs that can arise to both a business and a third party from a breach in data or another malicious attack on the businesses systems / data. Such as a DDOS attack to shut down a system or a ransomware attack that meaning that systems and services are withheld until a sum of money is paid.
Read more on cyber insurance.
Back to article