Aon  |  Professional Services Practice
Cyber Risk

In evaluating Cyber Risk insurance, it is important to understand the risks and exposures an insurance policy may or may not address. While there are numerous standard products available in the marketplace, coordinating Cyber Risk and Professional Liability coverage is a critical challenge for professional service firms (such as law firms, accounting firms, consulting firms and design & construction firms).

Featured Article

Pushing the Limits – How Much Cyber Insurance Do Professional Service Firms Need?

May 2024 - The only thing worse than being hit by a cyber-attack is finding that your cyber program limits are insufficient to pay the full amount of the loss. Cyber insurance is no longer cheap and nobody wants to pay for insurance limits that may never be used. In a dynamic threat environment where information and publicly available statistics are unreliable, how can we be confident that cyber limits are sufficient?

Read more

Insight Archive Subscribe to our insights >>

We believe that one size does not fit all. Since the terms and conditions of each Cyber Risk insurance product vary greatly, we examine and modify each offering to present a recommended solution that is tailored to our clients' unique needs.

Many professional service firms consider expenses related to a privacy or security data breach, such as statutory notification costs, to be of paramount concern.

  • More and more client contracts are specifically requiring insurance coverage for these types of costs be evidenced
  • Data breach disclosure laws have been enacted or introduced in a majority of states, as well as in the European Union, and continue to evolve

Cyber Risk insurance policies provide direct access to data breach consultants and panels of experts to assist firms that suffer data breach events. The insurance also addresses expenses for forensic investigation and public relations, as well as notification costs, credit monitoring, and consumer education and assistance costs arising out of a data breach. Some policies also cover the cost of retaining outside counsel to evaluate the firm's potential obligations for a breach.

Cyber Risk insurance can be designed to cover certain additional exposures:

  • Privacy and Security Liability
  • Business Interruption and Extra Expenses
  • Contingent Business Interruption
  • Cyber Extortion
  • Data Corruption
  • Media Liability

Strategic Approach

Our process for discussing Cyber Risk insurance is educational and consultative:

Phase 1

  • A "gap analysis" is performed - to determine where any possible coverage exists under existing insurance policies
  • Results are presented in a clear and concise format, with open dialogue
  • Based on the findings, we provide specific recommendations on how to address identified coverage gaps

Phase 2

  • We provide an application for Cyber Risk insurance and assist with any questions
  • We negotiate coverage options specific to our clients' individual needs
  • A detailed comparison of the terms and conditions of each offering is presented
  • We place a Cyber Risk insurance solution as directed by the client