One system hack can shut down a business. One policy can protect it.
Introducing Travelers Canada CyberRisk™.
One stolen laptop or one resourceful hacker can cause a data breach with enormous consequences, both financial and reputational. In 2011, according to the Ponemon Institute, the average cost of a data breach was $5.5 million.
Since 2008, more than 500 million data records from U.S. businesses of all types and sizes have been compromised, including those containing customers’ private information and companies’ financials. In Canada, the number of data breaches was up 29 percent in 2010, with over 350 breaches voluntarily reported, according to the Privacy Commissioner of Canada.
One coverage solution for all your cyber exposures
You need contemporary coverage that can take on the full range of risks to your data and systems. Travelers Canada CyberRisk™ has the essential features you need for today’s and tomorrow’s technology exposures.
Travelers Canada CyberRisk™ boasts 10 insuring agreements, which together deliver a truly comprehensive coverage solution.
Flexible and scalable
Coverage can be customized to reflect your needs. And smaller businesses can enjoy the same type of coverage available to larger businesses.
We know cyber
We have been writing technology-related coverages for over 25 years. We are also a leading writer of related specialty crime coverages. We know what it takes to craft the right program to cover cyber exposures.
Key coverages and features of Travelers Canada CyberRisk™
- Third party (liability) and first party coverage – Protecting the insured for its liability to others and reimbursing the insured for expenses incurred
- Worldwide coverage – Applies to claims made or events occurring anywhere in the world
- Ten distinct insuring agreements – With the ability to set limits and retentions for each insuring agreement
- Defence option – Option to select duty to defend or reimbursement coverage at policy inception
- Maximum retention cap – For claims covered under more than one liability insuring agreement or events covered under more than one first-party insuring agreement
- Non-cancellable by insurer – Except for non-payment of premium
- Extended reporting period – Applies to crisis event management and security breach expense coverage
- Automatic 90-day extended reporting period – For first-party coverages
- First-party coverage for computer program and electronic data restoration expenses
- First-party coverage for computer fraud and funds transfer fraud – Protection for fraudulent transfer of money or securities, or, with respect to computer fraud, other property
- E-commerce extortion coverage – Applies to computer viruses and denial of service attacks
- Business interruption coverage – Extends to denial of service attacks
- Coverage for security breach remediation and notification expenses extends to:
- Purchase of an identity fraud insurance policy
- 365 days of credit monitoring services
- Defence expense regulatory claim coverage – Not limited to specific governmental agencies and includes claims by any state attorneys general in the United States
- Communications and media coverage – Applies to content in any electronic format including websites and electronic mail
- Coverage extends to claims seeking – Non-monetary relief and arbitration, mediation or similar alternative dispute resolution proceedings
- Coverage for punitive or exemplary damages on a most favourable venue basis
- Network and information security coverage extends to:
- Electronic or non-electronic data and is not limited to e-commerce, website or other specified activities, or only to information “on premises”
- Medical or health care information
- Any private personal information that is protected under any local, provincial, state, federal or foreign law
- Failure to provide notification required by ANY security breach notification law
- Claims made by employees
- Defence expense coverage for regulatory claims – For network and information security coverage and communications and media liability
- Coverage for unfair business practice claims under network and information security or communication and media insuring agreements – If such practices directly result from a network and information security wrongful act or a communications and media wrongful act
- Network and information security coverage is not narrowed by exclusions for:
- Failure to maintain a computer network or system
- Failure to maintain risk controls
- Lack of performance in software
- “Spyware,” “cookies” or other invasive devices or methods used to collect private information
- Trading losses
For more information please contact Geoffrey H. Binks , CAIB, CCIB (Ont.), Vice-President Commercial Division (613) 226-1350