Portal Login | Search
Cybersafe November 10, 2019

What is Cyber Insurance?

Among existing insurance products, cyber insurance is a lesser known type of policy, since it only began to exist after the Internet boomed in the early 2000s. It began gaining traction in 2005, which makes it much newer than its more ubiquitous cousins, such as life insurance.


Cyber insurance generally deals with the costs of cyber-related attacks, and are usually categorized into two for businesses: first-party cyber liability insurance and third-party cyber liability insurance.


First-party cyber liability insurance policies are usually acquired by smaller businesses, for when the damage directly affects them and their business operations. Cyber insurance would help offset recovery costs after cyber-related security breaches. The insurance policy would allot for the costs of investigating the breach. Cyber insurance here may also cover business losses, recovery of data and even extortion, depending on the situation.


Meanwhile, third-party cyber liability insurance takes care of the parties who were affected by a data breach that happened to a business. This policy hinges on a company’s inability to protect the data of others. In the instance that a company website was breached and its customers’ data was stolen, third-party insurance would cover notifying affected parties and dealing with lawsuits, if any.


Personal cyber insurance, on the other hand, takes care of the costs related to damages done to individuals. Victims of ransomware (a malware that encrypts your files and demands ransom in exchange to unlock) would be able to recoup their losses through cyber insurance. Personal cyber insurance can also cover loss related to cyber identity theft (and damage to reputation), data recovery, as well as devices damaged by cybercrime.


The cost of cyber insurance depends on one’s risk factors, and insurance companies would look at how well you implement security measures in your cyber life. Locally, cyber insurance is available, but not widely known nor utilized. The Philippine Data Privacy Act wasn’t established until 2012, so liabilities, penalties, and other fines have only been recently a relevant interest for us. Businesses and individuals alike who are concerned over possible attacks (or just value their data and online presence) would benefit by looking into cyber insurance policies that would best suit their needs.


This article is part of the Banker’s Association of the Philippines’ (BAP) #CyberSafe campaign, where the BAP aims to promote awareness in cybersecurity. The campaign will upload new posts tackling common web security questions and issues on Wednesdays and Sundays every week.


For more content on cybersecurity, visit the BAP Official YouTube channel.