Employment Practice Liability


A cyber insurance policy, also known as cyber liability insurance or data breach insurance, reduces risk by funding costs involved with cyber attack or denial of service attack.

Employment Practices Liability Insurance (EPL) provides financial protection for businesses against legal action by employees.

Lawsuits arising from allegations of discrimination, sexual harassment, workplace bullying, wrongful dismissal and many other employment-related issues can potentially expose an organisation to heavy financial losses, disruption to productivity and irreparable damage to brand and corporate reputation.

For companies of all sizes, there has never been a greater need to reduce their risk exposure by having an EPL policy in place. The impact of the international “me-too” movement has resulted in an increase in sexual harassment and discrimination claims by employees against current and past employers. The Covid-19 pandemic has caused a similar spike in workplace EPL claims related to payments, conditions and workplace health and safety.

In such an environment, having adequate insurance in place to protect company balance sheets has become imperative.

Some Key Facts
  • Spear phishing attacks increased 26% to 30% against SME’s
  • 317 million new pieces of malware were created
  • 1 in 9 legitimate websites have a critical vulnerability
  • Ransomware attacks grow 113% with 45 times more crypto attacks
  • 1 in 965 emails contain a phishing attack
  • 17% of Andriod Apps malware in disguise
  • 23% increase in breaches.
  • Internet of Things continues to be attacked
  • Compromised for 295 days but 59 days to patch
  • Internet of Things continues to be attacked
  • Time to compromise time v time to discovery keeps growing
Top countries that host Malware

Source: FORCEPOINT 2016 Global Threat Report

  • USA
  • Italy
  • Russia
  • Turkey
  • Ireland
  • United Kingdom
  • France
  • Netherlandss

What Is Cyber Insurance?

Cyber insurance, also known as cyber & privacy liability insurance or data breach insurance, reduces risk by funding costs involved with a cyber attack or denial of service attack. Cyber insurance is increasingly being purchased by companies of all sizes, with the total premiums forecasted to reach USD$7.5 billion by 2020. PwC report that about one-third of U.S. companies currently purchase a form of cyber insurance.

So companies are increasingly looking to purchase cyber insurance, but what does it cover? Cyber insurance typically covers a range of a companies own expenses incurred to respond to the cyber attack, as well as claims by third parties – alleging either financial loss, or even personal injury.

This is a fast evolving space, so at this point in time, the following costs can be covered.

 

How do we hold and protect your information?

We hold the information we collect from you in our computer system and in our hard copy files. We ensure that your information is safe by following the usual security procedures expected by our clients.


search
Investigation

Specialist investigation to identify what occurred, where in your network was infiltrated, how to repair damaged network assets, manage your reputation and importantly, and how to prevent further breaches. Investigations typically involve expert IT security contractors, as well as working with law enforcement (either federal or state).

dollar
Company Loss

A cyber insurance policy can cover your liabilities arising out of a cyber attack, as well as your loss due to network downtime, business interruption, data loss recovery and costs of managing a crisis and your reputation.

lock
Privacy & Mandatory Reporting

This provides coverage for the costs of data breach notifications to customers and other affected parties, where mandatory reporting laws require you to advise of the data breach. Anecdotal evidence suggests the costs per record can be between as high as USD200 per record breached. Such mandatory reporting laws exist in the US and, EU, and are soon to be implemented in Australia.

warning
Litigation & Cyber Ransom

Coverage for legal expenses associated with the of breach confidential information, personal health information (e.g. HIPPA data) and intellectual property, legal settlements and civil insurable regulatory penalties. This may also include the costs of cyber extortion, such as ransomware, where you may be held to ransom, to gain access to your networks, or threatened by a release of data (e.g. personal information or personal health information).


Claim Examples

Employee Breaches Internal Governance

Loss: $170K

An employee at a retail store ignored internal policies and procedures and opened a seemingly innocuous file attached to an email. The next day the store’s stock order and cash registers started to malfunction and business trade was impaired as a result of the network failing.

The store incurred over $100,000 in forensic investigation and restoration services. They also had additional increased working costs of $20,000 and business income loss estimated at $50,000 from the impaired operations.

 

 

Laptop Stolen Results In Invasion of Privacy

Loss: $325K

A company executive’s laptop was stolen from a vehicle.

The laptop contained significant private customer and employee information. Although the file was encrypted, the overall password protection on the laptop was weak and the PIN for
accessing the encrypted information was compromised.

After assessing the nature of the information on the laptop with a forensic expert and outside compliance counsel at a cost of $50,000, the company voluntarily notified relevant customers and employees and afforded call centre, monitoring, and restoration services, as appropriate.

While additional first-party cost was $100,000, the company also incurred $75,000 in expenses responding to a multi-state regulatory investigation.

Ultimately, the company was fined $100,000 for deviating from its publicly stated privacy policy.