Cybersecurity: First-Party vs. Third-Party Cyber Protection Insurance

cyber-protection-insurance

In March 2015, the Australian Securities and Investments Commission published a report named ‘Cyber Resilience: Health Check‘, according to which cyber attacks on Australian businesses are increasing. These attacks may cause loss and/or destruction of valuable and sensitive electronic data and assets, including intellectual property, systems, databases, and privately held information. That’s precisely why nowadays many Australian companies that conduct their business activities with the help of computers and other IT devices decide to take out first-party cyber protection insurance.

In case you didn’t know, there are two types of cyber protection insurance policies: first-party and third-party ones. A first-party cyber risk insurance policy is designed for non-IT firms. When an insured non-IT organization experiences a data breach or some ot her kind of cyber attack, it can file a first-party cyber risk insurance claim and receive funds for: notifying its clients and partners that their information has been compromised or exposed; undertaking a forensics investigation in order to determine what happened, how to repair the damage caused by the cyber incident, and how to prevent such events from occurring again in the future; repairing the systems affected by the cyber attack; recreating lost intellectual property; improving cybersecurity, and many more activities.

A third-party cyber risk insurance policy, on the other hand, is devised for individuals and businesses responsible for the systems that allowed a cyber attack to occur. This type of cyber liability insurance protects IT companies and independent contractors who were responsible for the management and safety of the network that was breached or attacked.

In order to help you better understand the difference between a first-party and a third-party cyber protection insurance policy, I decided to describe one unwelcome non-cyber event, tell you which individual or company needs a first-party insurance coverage, which one needs a third-party insurance coverage, and explain why. All right, here I go. Imagine that one man’s home has recently suffered flood damage. This man needs a first-party flood insurance policy to pay for the damage to his property. The architect who designed his house, on the other hand, needs a third-party flood insurance coverage in order to be protected in case they get sued for not doing their job properly.

Experts say that an IT company’s optimal cyber risk insurance policy should contain both first-party and third-party coverage for IT and tech firms are exposed to both first-party and third-party risks. Keep this in mind when purchasing or renewing a cyber protection policy for your IT business.

Author Description

Anthony Hendriks