Content, Channel partners, Security Program Controls/Technologies, EMEA, Europe

Cyber Insurance Provider CFC Unveils Business Interruption Coverage

Cyber insurance provider CFC has added business interruption coverage triggered by cyberattacks and IT system failures, according to a prepared statement.

CFC provides full supply chain business interruption coverage for events that impact an insured organization's systems and its suppliers' systems, the company said. It also offers business interruption coverage with unlimited reinstatements.

Furthermore, CFC has added cyber insurance coverage for cryptojacking, i.e. cyberattacks that involve the unauthorized use of an organization's computer network to mine cryptocurrency. This coverage protects an organization against the replacement cost of hardware following a cryptojacking attack.

CFC Cyber Insurance Products: Here's What You Need to Know

CFC offers cyber insurance products backed by claims and incident response specialists, and these products include:

  • Healthcare: Safeguards U.S. healthcare organizations against business interruptions, HIPAA violations, cybercrime and system damage.
  • Large Corporate: Protects large corporations against the costs associated with major security breaches and system failures.
  • Private Enterprise: Consists of data breach, cybercrime and business interruption coverages for small and medium-sized enterprises (SMEs).

CFC's cyber insurance products are purpose-built for today’s risks, the company noted. They help protect organizations against various cyber threats and are used by more than 40,000 businesses worldwide.

Is Cyber Insurance Necessary?

Cyber insurance often plays a key role in an organization's cybersecurity and IT risk management strategy, according to the Federal Financial Institutions Examination Council (FFIEC). Yet not all cyber insurance policies are identical, and organizations that lack the right coverages risk significant recovery costs following a security breach.

FFIEC offers the following recommendations to help organizations weigh the pros and cons of different cyber insurance coverages:

  • Involve key stakeholders in the cyber insurance decision-making process. Include legal, enterprise risk management, operational risk management, finance, information technology and information security management departments in the cyber insurance decision-making process.
  • Address coverage gaps. Review a cyber policy to identify and address coverage gaps.
  • Analyze your coverage annually. Perform an annual cyber coverage review to determine if sufficient coverages are in place.

The number of U.S. firms without cyber insurance fell from 50 percent in 2017 to 24 percent in 2018, a FICO survey of security executives at 500 companies revealed. As organizations search for ways to minimize their security breach recovery costs, the demand for cyber insurance could increase in the years to come.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.