My brother and I run a CA firm in Delhi with 20 other team members. We became victims of cyber fraud recently A hacker managed to get unauthorised access to our client’s confidential information and led us straight into data theft. We reported the crime to our nearest cyber cell and were able to mitigate the damage by tracing the hacker. Is there any insurance policy that I can purchase to secure my firm and myself from such incidents of fraud? In addition, are these policies affordable?-

Purushottam Bansal, Delhi 

It is a traumatic experience to be a victim of cyber fraud in the age of thriving technology. Unfortunately, the instances of unauthorised access are becoming fairly common in India — be it personal or business-related. It becomes even more damaging when the data of a third party is involved, like that of your client in this case, as it directly impacts the company’s reputation and trustworthiness.

Having said that, I congratulate you on two counts. First, your first response to the security breach was completely by the book — containing the incident by being able to trace the hacker and notifying law enforcement. Second, your realisation of the need for an insurance policy to prevent such incidents in future, not only for your firm, but also for yourself, is commendable.

While it is imperative to implement robust cyber security measures, it is also important to have comprehensive cyber insurance, in case those measures ever fail. You should consider a cyber insurance policy that covers data breach and privacy liability, business interruption cover as well as cyber extortion protection. So if a hacker gains access to your sensitive data, the insurance will cover the costs of notifying clients, legal fees and, in certain cases, even public relations expenses. The policy will also cover the costs of investigating the breach, repairing or restoring your systems, and compensating clients for losses due to the breach. If your business is unable to operate due to a cyber attack, the policy may also cover lost income, extra expenses, and other costs associated with the interruption, depending upon the kind of coverage you opt for.

Being a business owner, you can also consider securing yourself with an individual cyber insurance policy as well to protect yourself from losses due to breach of personal data. For instance, a policy that covers cyber extortion provides protection if a hacker threatens to release sensitive information or cause damage to your network unless you pay a ransom. It can cover the costs of negotiating with the attacker, paying the ransom, and other related expenses. In today’s times, identity theft is also a common cyber crime. A personal cyber security insurance policy can help you recover your stolen identity and cover associated expenses. These policies also cover legal expenses if you fall victim to online harassment, cyber bullying, and stalking.

The cost of cybersecurity insurance policies can vary depending on the level of risk you face, and the coverage you choose. However, the cost of these policies would be much less than the cost of responding to a cyber attack without the insurance. Cyber insurance policies for individuals in India are available from ₹650 to ₹700 annual premium for ₹1 lakh sum assured. 

It is important to assess the potential risk to your business and consult with an insurance professional to determine the right coverage for your specific situation. In addition to insurance, there are also several steps you should take to strengthen your cyber security, such as regularly updating your software, implementing stringent authentication protocols, and providing cyber security awareness training to your team members. Taking these steps along with purchasing insurance can help reduce the risk of a cyber attack and minimise the potential impact of a successful attack.

Sarbvir Singh is CEO, Policybazaar.com