What is cyber liability insurance?
A guide for attorneys and law firms
Most law firms today conduct business online. Increased use of technology may lead to heightened risk for cybercrimes – such as ransomware attacks, data breaches, and fraudulent schemes – that can result in significant financial losses. Cybercrimes are a hot button issue for attorneys and law firms due to the sensitive client data they routinely handle.
Common technologies used by law firms
Think your law firm can’t fall victim to a cybercrime? It may surprise you to realize the everyday tools you use that could be impacted in a cyberattack, such as:
What can a cybersecurity claim typically cost? The numbers don’t lie!*
What are common types of cyber claims facing law firms?
Let’s explore key questions about cyber liability insurance to help you make informed decisions to safeguard your practice.
Chapter 1
What is cyber liability insurance?
Cyber liability insurance helps protect you and your law firm against monetary losses and legal action resulting from data breaches of sensitive personal data and other business information.
While cyber coverage can vary by insurer, a policy may typically cover breaches of:
- Account numbers
- Credit card numbers
- Social Security numbers
- Driver’s license numbers
- Confidential legal information (documents and other information protected by attorney-client privilege)
Chapter 2
What are the consequences of a cybercrime?
Cybercrimes and data breaches can have severe consequences for your practice, such as:
Chapter 3
Is cyber coverage included in professional liability insurance?
Typically, professional liability (malpractice) insurance does not include cyber liability coverage.
Why? Because professional liability insurance is generally uniform, while cyber insurance may be more customizable to suit the attorney’s needs. This can make it difficult to combine the two types of coverage into one policy.
Most cybercrimes are committed by a third party. As such, these risks are not included in a malpractice policy that only covers actions carried out as part of the attorney-client relationship.
Why cyber liability insurance is offered as a standalone policy?
Cyber risks evolve constantly in lockstep with rapid technological advances. It is crucial for cyber insurance to address emerging threats, which means that cyber policies may need to be adjusted more often than other types of coverage.
TIP
Chapter 4
Cyber liability insurance vs. Data breach coverage: What’s the difference?
Typically, cyber liability insurance is more comprehensive – which may bring you more peace of mind.
Cyber liability insurance
Cyber liability insurance
Data breach insurance
Data breach insurance
In addition, all states have data breach notification requirements. Make sure your practice is fully compliant in the event of a data breach.
Chapter 5
Why law firms should consider cyber liability coverage
While law firms may not be legally required to carry cyber liability insurance, you may still want to consider it – particularly if you use technology to store and process sensitive information. The reality is that the more you use technology in your practice, the higher the risk of potential cyberattacks may be.
In addition, as an attorney, you have an ethical obligation to make reasonable efforts to avoid data loss and prevent cyberattacks. While it is important to invest in advanced cybersecurity solutions, it may not be possible to prevent all attacks. Cyberattacks against big corporations may be more widely publicized, but smaller firms are also vulnerable.
Cyber liability insurance is an important consideration for law firms of all sizes – from solo attorneys to full-service firms – to help bring you additional protection and peace of mind.
Chapter 6
What cyber liability insurance does (and does not) cover
Let’s begin with types of cyber liability insurance, and what each covers.
Click the images to learn more about each coverage option.
First-party coverage
Third-party coverage
First-party coverage
First-party coverage helps protect businesses against financial harm that may occur because of a cyberattack on their system or network. Covered incidents commonly include:
- Social engineering. A strategy employed by hackers to con their victims into revealing private information or performing a specific action that typically results in a negative outcome.
- Loss or damage to data. If your data or software is lost, damaged, or stolen, coverage can help with recovery costs.
- Loss of income and additional expenses. This includes expenses that would normally have been earned had the breach not occurred.
- Cyber extortion. Coverage can help cover sums paid as extortion to hackers during a ransomware attack or similar threat.
- Notification costs. This can cover expenses incurred when notifying the parties whose data has been leaked, damaged, or compromised. Examples include hiring call centers or dedicated personnel to make calls on behalf of your firm.
- Damage to reputation. While reputation can be hard to measure monetarily, you may be able to cover the cost of lost trust, as well as PR and marketing expenses incurred to safeguard your reputation.
- Crisis management. Some policies may cover expenses such as costs related to hiring external professionals to evaluate the extent of the damage and determine next steps.
Third-party coverage
Third-party coverage can help protect you against claims by clients or other third parties whose information has been breached and want to sue you or your firm for malpractice. Examples of covered incidents include:
- Network security and privacy liability. This coverage can help cover the cost of claims against your business for negligently failing to safeguard the security of personal data.
- Electronic media liability. If a data breach causes sensitive information to be disseminated online, this coverage can help cover the costs of lawsuits for defamation, libel, slander, or copyright infringement.
- Regulatory proceedings. If your practice is not fully compliant with relevant cybersecurity regulations, this can help cover the costs of potential regulatory proceedings the government may bring against you.
What is not included in cyber liability insurance?
Cyber liability insurance typically does not cover:
- Bodily injury
- Property damage
- Loss of property
- Criminal activity
Chapter 7
How much does cyber liability insurance cost?
It depends on several factors related to your legal practice, such as:
The bottom line
It is wise for law firms to implement a multifaceted approach to cybersecurity. Preventative measures to consider include:
- Hiring an IT expert
- Investing in advanced cybersecurity software
- Educating yourself and your staff on common cyber risks
- Staying aware of cybersecurity regulatory trends
- Securing cyber liability insurance!
Get a quote for cyber liability insurance in minutes!