Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Got cyber insurance?

From: InfoSec News <alerts () infosecnews org>
Date: Tue, 25 Oct 2011 01:10:01 -0500 (CDT)
http://www.networkworld.com/news/2011/102411-cyber-insurance-252145.html

By Lamont Wood
Network World
October 24, 2011
Heartland Payment Systems figured it was in pretty good shape when it took out a $30 million cyber insurance policy. Unfortunately, the credit card transaction processor was the victim of a massive data breach in early 2009 that resulted in losses estimated at $145 million. The insurance company did pay Heartland the $30 million, but the company was on the hook for the remaining $115 million.
So, is cyber insurance worth it? Is it right for your company? What type of coverage should you get? How much is enough? And what are the gotchas to watch out for?
The first point to understand is that standard business insurance does not cover data breaches or almost any other loss involving data. Standard insurance covers tangible losses and damage. Data isn't tangible.
For that distinction you can thank American Guarantee & Liability Insurance Co. vs. Ingram Micro Inc., a U.S. District Court ruling in Arizona in 2000. The court said that a computer outage caused by a power problem constituted physical damage within the meaning of the policy Ingram Micro had purchased from American Guarantee. 

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn
Previous By Date Next
Previous By Thread Next

Current thread: