Got Cyber Insurance?

By Deborah Radcliff

August 21, 2000 12:00 PM ET

Computerworld - Thanks to a crippling series of computer attacks in 1998, Seattle-based Viznet Inc., an online merchant exchange network service provider once valued at $1 million, is now selling off its customer lists for $50,000. The worst damage occurred when the attacker spammed Viznet's 90 merchant customers, claiming Viznet was a cover for a pedophile ring. The attacker, a former programmer at the company, knew that the wife of owner/operator Jim Vizner owned a day care center.
Vizner calculates that direct losses - denials of service, replacing data that was chewed off the hard drives, customer attrition and public relations costs - amounted to $340,000. As those losses piled up, he called his insurance company.

			Read the Fine Print Because security liability insurance is so new, attorneys and buyers suggest that before you buy a policy, have someone - preferably an insurance or technical attorney - go over it with a fine-tooth comb. Some questions to ask: • Does the policy cover all areas of risk, indirect and direct damages incurred from carelessness and attacks, and viruses from within and without? • Does the insurer require a thorough security assessment? Can you get competitive bids? How does its criteria stand up against those of others? • How often does the insurer perform cybersecurity "inspections"? • Does the insurance policy pass the review of an IT and/or insurance attorney?

That ended up costing him the most dearly - 18 months of his life spent away from the languishing Viznet while he battled with the insurance company and visited insurance regulatory agents and attorneys. No payout on benefits ever materialized. And now, all his calls to the insurer are referred to an attorney.
"My business is gone. My wife's business is gone. Now, I just hope we can hold on to our house," says a disheartened Vizner.
Vizner could have protected his company with cyberliability insurance. The problem is, such insurance wasn't even around when the attacks started. Even if it had been, it would have been expensive. The average entry point for such policies is around $20,000 per year, with high deductibles.
Traditional Policy Exclusions
Insurance companies can't very well apply brick-and-mortar costing and actuaries that were framed in the 1960s to digitized assets. They're still answering some tough questions: How do you determine the value of the data at risk? How do you conduct "cyber" inspections? And how do you determine acceptable risk levels, let alone evaluate losses?
"Insurance companies, like all industries, are just now coming to grips with

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Additional Resources

Xerox

Win a color printer!

By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!

Microsoft

Upgrade to Internet Explorer 8 today.

Save time and mitigate security risk. Deploy it now.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

ESG Lab Field Audit
Many companies have successfully implemented Riverbed WAN optimization solutions within their Cisco networks. This ESG Lab Field Audit document explores the success that...

Security Configuration Management
In this web video, follow along with Jim Hansen, Senior Product Manager with Big Fix, as he explains why Security Configuration Management is...

Shape Your Apps Strategy to Reflect New SaaS Licensing and Pricing Trends
Why are smart companies choosing software-as-a-service? Find out in the complimentary Forrester Research report...

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

2007 Gartner Magic Quadrant Report
Riverbed positioned in Leaders Quadrant of Gartner Magic Quadrant for WAN Optimization Controllers. Analyzing strengths vs. cautions, Gartner helps organizations looking to acquire...

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

Business Value of Performance IDC Whitepaper
Are you looking for a comprehensive solution that addresses insufficient or congested bandwidth, impaired application performance, slow remote backup and replication or obstacles...

SaaS at Flextronics, Inc.
Dave Smoley, CIO of Flextronics, discusses the real value of software-as-a-service and why he chose Workday for his HR solution....

Unified Application Delivery
This white paper explores how by providing a unified Application Delivery Networking platform, F5 BIG-IP offers the ability for organizations to adopt a...

Why Compliance Pays
This OnDemand webcast explores the relationship that firms with best compliance records have higher revenue, greater customer retention, lower financial losses from data...

All White Papers | All Webcasts