Can you afford not to have cyber cover?
Published: Monday, 19 July 2021
Cyber cover offers immediate access to specialist experts to limit damage and restore your systems
Solicitors have been one of the major targets for “scammers” and “hackers” recently. The combination of large amounts of funds moving digitally and the wealth of confidential client data has provided rich pickings for this modern brand of criminal.
30 of the 40 firms who responded to a recent SRA survey (see the link below) had been the target of a cyberattack:
- 23 of the 30 cases in which firms were directly targeted saw a total of more than £4m of client money stolen.
- Of the £4m lost, £3,665,799 was claimed against insurance policies; a further £393,890 had to be paid out by 18 firms from the firms’ own money.
- One firm lost around 150,000 billable hours after an attack crippled their system.
- Two large law firms were targeted more than 100 times each year.
- 31 firms had been successfully targeted in ransom attacks.
These are startling statistics, and if those numbers were to play out across the wider profession, you can see the scope of the problem.
The type of scam that solicitors have become most associated with is email hacking, often on a property transaction, where details are subtly changed, leading to client funds being transferred to the wrong account and disappearing into cyberspace.
Which cyber losses are covered under your solicitor’s PI policy?
The SRA are currently clarifying with insurers what is and isn’t covered under an SRA compliant PI policy. Most client money losses will be covered and it is likely, as the policy has a Civil Liability wording, that claims such as breach of confidentiality will also be covered.
After a cyber-attack, there are many costs that you may not be covered for, including lost management time, damage to client relationships, negative PR and fee income lost in billable hours, not to mention higher insurance premiums in the future. Whilst solicitors start from a better place in terms of insurance cover than many professions, cyber insurance is still a key cover.
What does Cyber Insurance cover?
Cyber Incident Response Support Services
The most important feature of a cyber policy is probably not the insurance.
Cyber attacks occur randomly without warning. When first noticed, firms need swift access to expertise. All good quality cyber policies provide a range of specialist support. Most are activated by a single phone call or email to immediately engage appropriate experts in data, IT security, forensics, data compliance, legal, and public relations.
Wide-scale attacks invariably mean that many businesses seek support at the same time, and speed of response is vital in understanding the extent of the problem and limiting any damage. Insurers have pre-agreed panels with multiple layers of experts in all fields. Crucially, insurers will have negotiated lower charge-out rates, reducing the cost to the policyholder. When services are in demand, costs can rocket without pre-agreed rates.
First Party and Third Party Cover
Insurers typically refer to the cover provided as 'First Party' (these are costs/losses that you incur) and 'Third Party' (claims against you from others for losses caused by the data incident).
Your First Party costs might include:
- Losses of your own Firm’s money.
- Forensic IT costs of investigating, controlling and removing any threat.
- Notifying the Information Commissioner's Office.
- Notifying the data subjects affected and offering them credit monitoring services into the future.
- Legal, compliance and PR advice (to manage reputational damage to your firm).
- Help from skilled professionals in the event of ransom demands.
- Regulatory enquiry costs and possible fines.
- Business interruption:
A cyberattack can instantly cripple a firm and stop work-in-progress in its tracks. Business interruption support will get you back up and working as quickly as possible and will also help with the cost of repair, restoration or replacement of key technology and systems.
Third Party claims against you might include:
- Loss of client money or other client assets.
- Exposing your clients to the risk of identity theft, bogus loan or mortgage applications, or other financial loss using their data.
- Client costs of monitoring their credit ratings.
Vigilance and staff training are key
The first key line of protection against cyber-attack must be for every firm to remain vigilant and to ensure that all staff have the appropriate training to identify, and potentially prevent, a catastrophic cyber incident at your firm.
However, with cybercrime on the increase and cyber criminals becoming ever more sophisticated and brazen, cyber insurance is more important than ever and it is difficult to see anything other than that trend continuing.
With policies available at a modest cost, and the potential of eye-watering claims, cyber should be a key part of your firm’s defence and continuity planning.