Through this policy Zurich becomes the first insurer to include network security monitoring and pre-breach services as part of its cyber insurance policy. The cyber insurance policy is consistent for Zurich customers worldwide.
“Cyber risks continue to be one of the biggest issues impacting UK businesses – not to mention the economy. It is therefore vital that Zurich continues to be at the forefront of this critical issue. We’re driving innovation with our new enhanced cyber insurance and cyber risk services offering to bring resilience and certainty to our customers in the face of the evolving cyber threat.” said Mark Bannon, head of Zurich’s Cyber Liability within EMEA.
In addition to previously covered offerings such as Breach Costs, Business Income Loss, and Dependent Business Income Loss, the new policy features coverages previously not offered:
• Affirmative GDPR and PCI wording – for regulatory proceedings, assessments, fines and penalties associated with the enforcement of GDPR and Payment Card Industry (PCI)
• Reputational damage coverage – for reputational damage associated with an adverse media event resulting from a cyber breach
• Social Engineering Fraud Transfer Coverage – for funds lost from a social engineering fraud event
• System Failure and Dependent System Failure coverages – for the failure of a system or the failure of a service provider’s system resulting in a business interruption
• Voluntary shutdown and crypto-mining
The policy provides coverage to $25 million and includes:
• Definition of insured person extended to include temporary employees, volunteers or interns
• Broad definition of computer system, including industrial control systems and bring-your-own-device (BYOD) programs
• New first dollar claims avoidance coverage built into the policy
Designed to be easy to read and follow, the new streamlined application includes simplified, clear language aligned with the National Institute of Standards and Technology (NIST) Cybersecurity Framework. It follows the NIST framework with questions that are easy to understand and complete.
Encouraging a Mindset of Resilience
With the launch of the new policy, Zurich becomes the first insurer to include network security monitoring and pre-breach services as part of its cyber insurance policy.
“Businesses must adopt a mindset of resilience rather than just protection,” said Gerry Kane, head of Zurich’s cyber risk engineering team. “It is part of our responsibility to encourage a culture of awareness from the board room to the mail room.”
Through its collaboration with ZenOpz, a leading managed security service provider (MSSP), Zurich cyber insurance policyholders around the globe can now receive complimentary 24/7 network security monitoring and vulnerability management services to assist companies in identifying specific risks that may exist and help them plan an effective path to remediation.
All Zurich cyber insurance policyholders have the option to engage with ZenOpz and thru them will have access to:
• Initial 360-degree review providing customers with a view of their overall data security program
• Security Intelligence Monitoring Service
• Continuous (24x7x365) Log Monitoring, Alerting and Reporting Services
• Weekly Vulnerability Scanning and Reporting Services with Patch Management recommendations
The first tier of cover includes the first 50 endpoints, at no additional cost for customers. Endpoints can be any network connected device that generates log data, including firewalls, servers, user workstations and connected laptops. Customers can add monitoring for more than fifty devices for an incremental fee to ZenOpz.
In the past several months, Zurich has made several key moves enhancing the delivery of its cyber solutions and services to its customers including expansion and restructuring of its cybersecurity and privacy team with enhanced focus on middle market customers; creation of a dedicated, in-house cyber risk engineering team; cyber threat intel from its new Cyber Fusion Center, and incorporation of a new insights tool for cyber underwriting.
In October, Zurich will release two new studies – one with the World Economic Forum (WEF) on executive opinions globally and in North America; and the 8th annual Advisen cyber survey results featuring the insights and attitudes of risk managers for businesses of all sizes and industries across North America.
To find out more about how Zurich is committed to helping businesses protect themselves from cybersecurity risks, go to https://www.zurichna.com/en/industries/technology/secpriv.