The level and sophistication of threats to information security has become an economic issue that no organization can possibly eliminate through network security systems and processes.

ProQuest has advised numerous law firms on their cyber risk coverage needs and has structured network and privacy security policies designed for the needs of their firm.

Security Risks IncreasingCyber security threats, especially targeted attacks using social engineering, are increasing with greater frequency and sophistication, leaving even smaller law practices vulnerable to customer data and intellectual property breaches.

Despite the implementation of advanced internet security systems, the financial management of network security for a large law firm needs to incorporate risk management services offered by specialty insurance protection.

Tailored Coverages
Newer standalone forms are now being developed that deliver tailored coverage facets in the form of a combined enterprise risk management program. Using a modular approach, the program responds to costs/expenses and liability emanating from both first-party and third-party risks.

First-party exposures originate from losses, costs, or damages that are directly incurred by the firm. These include:

  • Loss of data—Cost to recreate data and restore the network.
  • Loss of business income—Loss of income and extra expenses associated with containing damage, preventing attacks, and implementing contingency plans.
  • Loss of revenue—Income loss resulting from negative media reports and publicity; costs of public relations efforts to restore client confidence.
  • Electronic theft—Involving intangible property (data) or system resources.
  • Extortion—Cost associated with responding to demands by those threatening to damage or disrupt network or release sensitive or private non-public information accessed from your network.

Third-party exposures arise from an organization’s responsibility to others. These include:

  • Privacy injury—Unauthorized disclosure of sensitive or nonpublic private information.
  • Network security—Breaching the confidential information of others; inability to access/use information; infecting, damaging, or corrupting the information of others.
  • Content liability—Publishing material that is disparaging or infringing.

ProQuest will assist your firm in structuring a cyber risk program, which may include the following:

  • Privacy regulatory (defense cost and expenses)
  • Privacy breach notification costs and expenses
  • Network assets protection
  • Cyber extortion
  • Cyber terrorism
  • Multimedia liability
  • Privacy and network security liability
  • Remediation costs and loss of net income

In response to the growing demand for products tailored to technology risks, a multitude of insurers have expanded their capacity for cyber risk insurance products, including many markets also involved in the LPL space. In an environment where data may be valued more than money, insurance market solutions need to be explored to adequately protect against the liability of security failures.