Every company has a reliance on technology, regardless of their size or industry. This creates an exposure to cyber risk that can emanate from multiple sources, both internal and external to a company’s immediate operating environment. This risk is not going away either. In today’s interconnected world where we increasingly rely on technology, cyber risk will always be an important consideration when operating a company.
Today, cyber-attacks have moved beyond simple data breaches to sophisticated schemes designed to disrupt businesses and supply chains, steal critical data and hold businesses to ransom. These attacks have the ability to cripple an organisation by disrupting IT systems and damaging the company’s brand. In line with the growing number and severity of cyber attacks, associated costs are also on the rise, with the estimated global costs of cyber crime well into the billions of dollars.
Law firms are desirable targets for external threat actors due to the extensive amount of valuable and confidential data that is regularly stored on your systems. In addition to this, firms also handle large amounts of settlement funds on behalf of clients, representing a lucrative target to potential hackers.
Cyber Insurance
Whilst a Cyber insurance policy should not act as the primary solution for managing a firm’s exposure to cyber-attacks or data breaches, mitigating cyber risk through insurance can play an important role in the firm’s overall approach to cyber risk management. Cyber insurance provides both first party and third party coverage for many of the costs that may be incurred following a cyber-incident, as well as access to specialist vendors to provide immediate assistance in containing the incident and reducing any resulting losses.
Recognising the increasing cyber risk faced by law firms, Marsh has worked with Chubb Australia to develop a Cyber insurance facility specifically for Victorian law firms that are currently insured with the Legal Practitioners Liability Committee (LPLC) with annual fee income of under $25,000,000. The value proposition developed by Marsh centres on providing LPLC member firms with coverage that is relevant and specific to your business risks. Under this arrangement a bespoke wording has been drafted, and key coverage enhancements have been negotiated specifically for the benefit of LPLC member firms.
Coverage
Covering the operations of a business, its reputation and client base is critical. The Marsh cyber insurance solution for law firms provides:
First Party Cyber Event cover
- Access to Chubb’s Incident Response Team via a 24/7 telephone hotline, a mobile application or an online platform in the event of an actual or suspected breach.
- Assistance from specialist third party vendors including public relations and crisis communication consultants, forensic IT and security experts, and law firms.
- Coverage for loss of net profit due to business interruption that results from network or system downtime, including losses resulting from ransomware
- Privacy notification and breach management costs. This includes expenses to comply with notification provisions in privacy legislation, and costs associated with credit monitoring and call centre services
- An optional extension for social engineering fraud cover.
Download the Chubb Cyber Incident Response Platform guide.
Third Party Cyber Event cover
- Cover for compensation and defence costs which arise from claims brought by impacted clients or employees for privacy breach.
- Cover for fines and penalties resulting from a regulatory investigation or breach of mandatory notification legislation (where insurable by law).
Does my current LPLC Professional Indemnity policy provide any coverage for cyber losses?
Key Features of the Marsh arranged Cyber offering underwritten by Chubb
- A bespoke policy designed specifically for legal practitioners.
- A Difference in Conditions endorsement.
- Inclusion of cover for cyber crime.
- An optional extension to extend cover for claims arising from social engineering (CEO) fraud.
Social Engineering Fraud
Social engineering fraud is widespread, increasing at an alarming rate as fraudsters remain persistent and relentless in the pursuit of their crimes. For organisations that fall victim to an attack, the financial consequences can be devastating.
Social engineering is the art of manipulating human behaviour to use the target to unintentionally reveal sensitive information or perform actions that compromise the security of networks to obtain unauthorised access to a system for financial gain.
Under this arrangement for Victorian Law Firms, Marsh has negotiated an optional extension to include Social Engineering Cover as follows:
Sub-limit: $50,000 any one claim and in the aggregate
Retention: $5,000 each and every claim
