Cyber Insurance for Municipalities – What it Covers and why you Need it.

​Some of the largest ransomware attacks we’ve seen in the news this year impacted municipalities and public entities. In fact, in 2020 over 40% of the global cyberattacks were directed towards municipalities! These attacks can result in data being lost, ransomed, or even stolen. In addition, you can suffer from loss of access to email, telephone systems, and websites as well. There’s no question that municipalities are increasingly targets of cybercriminals, and purchasing comprehensive Cyber Insurance in combination with other proactive defense measures will lessen the likelihood of an attack and can mitigate financial loss and damages should one occur.
 
Why do I need cyber insurance?
While the following list is not exhaustive, it covers the most common attacks from cybercriminals today:

1. Malware:  Cybercriminals use this type of attack to access financial data, medical records, emails, passwords, etc.
   
2. Spyware:  Spyware is used to access your employee’s login information, which can give the cybercriminal access to any data on your servers.
   
3. Ransomware:  This is the fastest growing area of attack.  Your files and servers are encrypted and you receive a ransom demand in order to return the encrypted data to you.
   
4. Phishing:  We’ve all received these fake emails from someone we know asking us to provide sensitive information or even money.
   
5. Hacking:  If you are hacked, you are responsible for any sensitive personal data you maintain on customers which may fall in the hands of the cybercriminals – this can create a huge liability.
   
6. Viruses or worms:  These often require extra IT help to find the source and recover lost information.  In addition, viruses will often ruin hardware and software, forcing you to replace damaged equipment.

 
What does cyber insurance cover?
If you experience an attack you could be responsible for financial damage to third parties, fees and fines, forensic costs, legal fees, hardware replacement or even reputation rebuilding. While coverages can vary greatly depending on the policy, below is an outline of the coverages available through CFC Underwriters and exclusively available to IAMU Safety Group members. For additional detail click here.

1. Third-Party Liability:  This covers the cost of notifying anyone affected by a data breach as well as costs associated with damages or settlements that have to be paid to those affected by a breach. In addition, our CFC Cyber policy includes coverage for media liability associated with alleged defamation or intellectual property rights infringement.
2. First-Party Costs:  This will cover legal costs associated with a cyber attack including settlements, government fines, or fees. In addition, our comprehensive policy includes coverage for system damage and rectification costs as well as income loss and extra expense associated with an attack.
3. Cyber Crime and Extortion:  While often not included on every policy, this coverage is standard with the IAMU Safety Group program and covers things like ransom demands, funds transfer fraud due to social engineering or phishing, as well as telephone hacking or customer payment fraud.    
4. Loss of Reputation:  Sometimes called crisis management or reputational harm, this will cover the cost of repairing damage done to your reputation such as public relation costs and marketing costs associated with recovering from an attack.

 
If you’re concerned with the amount or availability of your existing coverage and would like a quote, please contact:
​
Mark Stearns
Account Executive
Jester Insurance
mstearns@jesterinsurance.com
P. 515-350-7674
C. 515-631-0338