“A strong cybersecurity strategy is critical for businesses of all sizes,” said Paul Horgan, head of North America Commercial Insurance. “The new Zurich Cyber Insurance Policy offers more expansive coverage for greater risk protection; and reinforces the importance of resilience with access to network security monitoring.”
In addition to previously covered offerings such as Breach Costs, Business Income Loss, and Dependent Business Income Loss, the new policy features coverages previously not offered:
- Affirmative GDPR and PCI wording - for regulatory proceedings, assessments, fines and penalties associated with the enforcement of GDPR and Payment Card Industry (PCI)
- Reputational damage coverage - for reputational damage associated with an adverse media event resulting from a cyber breach
- Social Engineering Fraud Transfer Coverage - for funds lost from a social engineering fraud event
- System Failure and Dependent System Failure coverages – for the failure of a system or the failure of a service provider’s system resulting in a business interruption
- Voluntary shutdown and crypto-mining
The policy provides coverage to $25 million and includes:
- Definition of insured person extended to include temporary employees, volunteers or interns
- Broad definition of computer system, including industrial control systems and bring-your-own-device (BYOD) programs
- New first dollar claims avoidance coverage built into the policy
Designed to be easy to read and follow, the new streamlined application includes simplified, clear language aligned with the National Institute of Standards and Technology (NIST) Cybersecurity Framework. It follows the NIST framework with questions that are easy to understand and complete.
Encouraging a Mindset of Resilience
With the launch of the new policy, Zurich becomes the first insurer to include network security monitoring and pre-breach services as part of its cyber insurance policy.
“Businesses must adopt a mindset of resilience rather than just protection,” said Gerry Kane, head of Zurich’s cyber risk engineering team. “It is part of our responsibility to encourage a culture of awareness from the board room to the mail room.”
Through its collaboration with ZenOpz, a leading managed security service provider (MSSP), Zurich cyber insurance policyholders around the globe can now receive complimentary 24/7 network security monitoring and vulnerability management services to assist companies in identifying specific risks that may exist and help them plan an effective path to remediation.
All Zurich cyber insurance policyholders have the option to engage with ZenOpz and thru them will have access to:
- Initial 360-degree review providing customers with a view of their overall data security program
- Security Intelligence Monitoring Service
- Continuous (24x7x365) Log Monitoring, Alerting and Reporting Services
- Weekly Vulnerability Scanning and Reporting Services with Patch Management recommendations
The first tier of cover includes the first 50 endpoints, at no additional cost for customers. Endpoints can be any network connected device that generates log data, including firewalls, servers, user workstations and connected laptops. Customers can add monitoring for more than fifty devices for an incremental fee to ZenOpz.
“Helping our customers understand the threats they are facing and the available solutions is one of the more important roles we play here at Zurich,” said Michelle Chia, head of Specialty E&O for Zurich North America.
In the past several months, Zurich has made several key moves enhancing the delivery of its cyber solutions and services to its customers including expansion and restructuring of its cybersecurity and privacy team with enhanced focus on middle market customers; creation of a dedicated, in-house cyber risk engineering team; cyber threat intel from its new Cyber Fusion Center, and incorporation of a new insights tool for cyber underwriting.
In October, Zurich will release two new studies – one with the World Economic Forum (WEF) on executive opinions globally and in North America; and the 8th annual Advisen cyber survey results featuring the insights and attitudes of risk managers for businesses of all sizes and industries across North America.
To find out more about how Zurich is committed to helping businesses protect themselves from cybersecurity risks, go to https://www.zurichna.com/en/industries/technology/secpriv.
In addition, Zurich North America’s Cybersecurity Knowledge Hub site is loaded with valuable content, including information on the new coverage (with a link to the Zurich Cyber Insurance Policy brochure), information on our Cyber Risk Engineering Services. You can visit the Knowledge Hub at https://www.zurichna.com/en/knowledge/topics/cybersecurity.
About Zurich
Zurich Insurance Group (Zurich) is a leading multi-line insurer that serves its customers in global and local markets. With about 53,000 employees, it provides a wide range of property and casualty, and life insurance products and services in more than 210 countries and territories. Zurich’s customers include individuals, small businesses, and mid-sized and large companies, as well as multinational corporations. The Group is headquartered in Zurich, Switzerland, where it was founded in 1872.