The word ‘cyber’ is synonymous with computer, computer systems and computer network. Thus, it can be said that cyber-crime occurs when any illegal activity is committed using a computer or computer resource or computer network.
Cyber-crime is a computer mediated activity which is conducted through global electronic networks. The frauds in e-banking sector are online theft, credit card fraud/Debit card fraud, and intellectual property violations. Mostly cyber frauds are committed because of two goals, one, to gain access to the user’s account to steal his personal information and transfer funds from one account to another. Second is to undermine the image of the bank and block the bank server so that the customer is unable to access his account.
• The risks basically break down into the following four categories that should guide banks’ cyber-insurance evaluations:
• Negligent breaches, caused by you, an agent, or a vendor, inadvertently causing a breach.
• Intentional attacks/breaches, with the goal of making money, or a statement, by causing or threatening to cause your organization or its customers harm.
• Intentional or unintentional, where a blogger or webmaster uses trademarked or copyrighted material, or invades the privacy of a third party without permission. This is traditionally the realm of “media liability” and sometimes “advertising injury” insurance.
• The flaw in the Machine” – some sort of inherent flaw or hole in your hardware or software causes data loss or a security breach.
Cyber Liability Insurance
Cyber Insurance covers losses arising from cyber risks tend to fall into one of two categories – “first-party” losses (the bank’s direct costs) and “third-party” losses (liability losses). First-party losses consist of costs directly incurred by the bank as a result of the breach, such as costs incurred in connection with privacy notifications, public relations efforts, forensic investigations, restoration of data, and business interruption, and, in some instances, ransom payments. Third-party losses are liability losses, and include defense costs and indemnity payments in connection with customers’ claims for damages and regulatory investigations.
First party cover includes
• Loss of data through network security breach, unauthorized use of the computer system, computer virus, human error, or accidental damage or destruction of data media
• Business income and extra expense cover, which helps the Bank to survive the impact of loss of business income through a failure in the computer systems.
• Crisis management and notification costs, with coverage including the cost of hiring expert assistance to mitigate the effect of the incident – and the costs of notifying relevant parties in the event of a data breach, Credit monitoring, Extortion rewards and payments.
Third party cover includes
• Damages or costs incurred through disparagement, plagiarism or infringement perpetrated through computer systems or websites
• Liabilities from breach of privacy or confidentiality
• Defence and settlement cost
• Transmission of virus or a denial of service attack
• Regulatory Defence costs and Fines and Penalties
• Viruses created by you are not covered;
• Losses caused by self replicating code which has not been specifically targeted at you are not covered.
• Claims caused by infringement of patents;
• Deliberate or reckless acts are not covered;
• Claims due to pornographic or obscene material are not covered (unless caused by hacker damage)
Cyber insurance typically covers expenses related to first parties as well as claims by third parties.
(Disclaimer- Above mentioned report was prepared on the basis of information available in the public domain.)