HELPING JEWELERS BE SAFE, SECURE, AND SUCCESSFUL

The Clarity Blog

What is Cyber Liability Insurance?

on
Digital lock screen

Protecting your inventory from crime, fire, natural disasters, and shipping-related risks with a jewelers block insurance policy is a must.

However, it’s also crucial to recognize other risks, including those that stem from liability-related costs.

While some jewelers know that employment practice lawsuits and appraisal liability claims are a possibility, an even smaller percentage are aware of what may be the most concerning threat of our time: cybercrime.

Cybercrime continues to rise in both frequency and severity, and criminals continue elevating their tactics.

According to the 2023 Internet Crime Report, cyberattacks have led to $37.4 Billion in Total Losses for businesses in the last 5 years graphic

If there's any good news, it's that you can protect your business with cyber liability coverage. Learn more about what cyber liability insurance covers below.

 

What Does Cyber Insurance Cover?

Now more than ever, it’s critical for businesses to have the right cyber liability coverage. 

Cyber liability coverage can be added to a Businessowners Policy and covers first-party losses — such as loss of money incurred due to financial fraud — and liability claims where there's a duty to defend lawsuit or regulatory penalties are incurred.

First Party Losses: pays the policyholder for covered losses. 

Examples:

  • Coverage for expenses incurred in notifying parties of a privacy breach where there is no requirement by law to do so.
  • Coverage for PR expenses incurred in response to a security breach.
  • Coverage for reasonable and necessary money spent to recover and/or replace electronic data.

Third Party Losses: pays the victim of an accident caused by the policyholder 

Examples: Coverage for third parties due to liability resulting from things like...

  • Allegations of copyright/trademark infringement, libel, slander, plagiarism.
  • Data breach due to a failure to safeguard electronic or non-electronic confidential information.
  • Duty to defend coverage for fines imposed by banks or credit card companies due to non-compliance with Payment Card Industry Data Security Standards (PCI DSS).

 

Cyber Security Insurance Coverage Examples

Learn more about why you need cyber security liability coverage with examples provided by NAS Insurance Services: 

First-Party LossesThird-Party Losses
Privacy breach responseMultimedia liability
Network asset protectionSecurity and privacy liability
Cyber extortionPrivacy regulatory defense and penalties
BrandGuard®PCI DSS assessment
Cyber crime 

 

Privacy Breach Response

In addition to covering privacy breach response costs, this coverage also includes notification expenses and breach support credit monitoring expenses.

Cybersecurity Scenario

A network programming error caused the customer information of a mid-sized chain of jewelry stores to become publicly visible on the internet.

Approximately 8,700 customers were affected by the breach.

Insurance covered the breach response costs, including customer notification costs, IT forensic expense, legal fees, and public restoration expenses, all totaling more than $125,000.

 

Network Asset Protection

Coverage for income loss, interruption expenses, and data recovery costs incurred due to a variety of causes, from accidental damage of electronic media to cyber attacks.

Cybersecurity Scenario

A high-end watch retailer was the victim of ransomware carried out by a hacker who entered the retailer's computer system through a vulnerability in the network.

The malware installed by the hacker immediately encrypted data stored on the system, including accounting, payroll, sales receipts, and vendor records. The hacker demanded payment to unlock the data. The retailer could not process orders or shipments or otherwise maintain normal business operations while attempts to resolve the incident were underway.

Insurance covered the retailer's income loss of $15,000 resulting from the business interruption.

 

Cyber Extortion

Coverage for extortion expenses incurred and extortion monies paid as a direct result of a credible cyber extortion threat, including ransomware.

Cybersecurity Scenario

The owner of a jewelry repair store downloaded an e-mail attachment that appeared to be from his bookkeeper.

The attachment contained ransomware which, when downloaded, immediately encrypted files stored on his computer, including accounting and payroll records. when the owner tried to access a file, a message appeared on the computer screen demanding a ransom payment in Bitcoin to receive a decryption key.

With the help of an IT expert and legal counsel, the threat was determined to be credible, and the ransom was paid.

Insurance covered $10,000 in total damages for the ransom payment, IT fees and legal expenses.

 

BrandGuard

Coverage for loss of net profit incurred as a direct result of an adverse media report or breach notification following a security or privacy breach.

Cybersecurity Scenario

After reporting a data breach to state officials, a retail store was featured in a series of news reports concerning data breaches impacting local businesses.

One such report accounted the specific details of the breach experienced by the store and its response to the incident. The news report aired at the start of the holiday season. The store experienced a significant downturn in business due to the news reports.

Insurance reimbursed the store for the demonstrated loss of net profit resulting from the adverse media reports.

 

Cyber Crime

Coverage for losses incurred due to:

  1. wire transfer fraud
  2. fraudulent use of an insured telephone system
  3. phishing schemes that impersonate your brand, products or services, including the costs of reimbursing your customers for losses they sustain as a result of such phishing schemes

Cybersecurity Scenario

A jeweler received an e-mail from a supplier requesting that a payment in the amount of $58,450 be sent via wire transfer. After wiring the funds, the jeweler discovered that the wire transfer request was not legitimate; she has received a "spoof" e-mail, sent by a hacker posing as the supplier.

The jeweler's bank refused to return the funds because all wire transfer protocols were followed, and the wire appeared to be legitimate.

Insurance covered $10,000 of the fraudulent wire transfer.

 

Multimedia Liability

Coverage for claims alleging liability resulting from the dissemination of online or offline media material, including claims alleging copyright/trademark infringement, libel/slander, plagiarism, or personal injury.

Cybersecurity Scenario

A jewelry store owner received a "cease and desist" demand letter alleging copyright infringement after the owner pulled an image from a Google Images web search and used it on the store's website and online promotional material.

The copyright holder of the image was able to locate the website and promotional material and subsequently demanded removal of the image and compensatory damages.

Insurance covered the costs to defend the claim and compensatory damages.

 

Security Privacy Liability

Coverage for claims alleging liability resulting from a security breach or privacy breach, including claims alleging failure to safeguard personal information.

Cybersecurity Scenario

A jeweler completed the appraisal on a customer's collection of diamond jewelry and had her store manager email it the customer.

A few days later, the customer called and stated that she never received the completed appraisal, which alerted the store manager that the appraisal had been inadvertently sent to the wrong email address.

The appraisal contained personally identifiable information (PII). The customer filed a lawsuit against the jeweler for negligence and failure to safeguard confidential information.

RELATED: Guidance on the protection of personal identifiable information

Insurance covered defense costs and damages associated with the lawsuit.

 

Privacy Regulatory Defense Penalties

Coverage for regulatory fines and penalties and regulatory compensatory awards incurred in privacy regulatory proceedings/investigations brought by federal, state, or local governmental agencies.

Cybersecurity Scenario

A national jewelry store chain discovered malware operating on point-of-sale (POS) devices at several of its locations. The malware was designed to access payment card data, including customer names and card numbers, from cards used the POS devices.

The jewelry store chain disclosed the breach in a press release, and a customer affected by the breach subsequently filed a consumer complaint with the Federal Trade Commission (FTC). The FTC investigated and found that a lack of technical safeguards contributed to the theft of credit card data. The FTC ordered payment of civil fines and penalties for unfair data security practices.

Insurance paid for the defense costs and fines and penalties incurred in the FTC investigation.

 

PCI DSS Assessment

Coverage for assessments, fines, or penalties imposed by banks or credit card companies due to non-compliance with the Payment Card Industry Data Security Standard (PCI DSS) or payment card company rules.

Cybersecurity Scenario

A security breach of a jewelry store's card reader system resulted in the exposure of credit card data of over 2,000 cardholders.

An investigation of the security breach determined that customers' credit card data had been 'skimmed' off the compromised system by criminals to be sold on the black market, and the store failed to maintain the required data security controls under the PCI DSS.

RELATED: How to spot and avoid credit card skimmers

The acquiring bank imposed fines and assessments in the amount of $380,000 against the store for failing to comply with PCI DSS. Insurance covered the PCI DSS fines and assessment.

 

Learn More About Keeping Your Jewelry Business Safe

Want to learn more on how you can keep your jewelry store safe 24/7? Read our comprehensive Jeweler Security Guide by clicking the button below.
 

Read the 24/7 Jeweler Security Guide

 

 

Contact Us

If you have a media-related question, please email us at [email protected].

About Jewelers Mutual Group

Jewelers Mutual was founded in 1913 by a group of Wisconsin jewelers to meet their unique insurance needs. Later, consumers began putting their trust in Jewelers Mutual to protect their jewelry and the special memories each piece holds. Today, Jewelers Mutual continues to support and move the industry forward by listening to jewelers and consumers and offering products and services to meet their evolving needs. Beyond insurance, Jewelers Mutual’s powerful suite of innovative solutions and digital technology offerings help jewelers strengthen and grow their businesses, mitigate risk, and bring them closer to their customers. The Group insurers’ strong financial position is reflected in their 37 consecutive “A+ Superior” ratings from AM Best Company, as of November 2023. Policyholders of the Group insurers are members of Jewelers Mutual Holding Company. Jewelers Mutual is headquartered in Neenah, Wisconsin, with other Group offices in Dallas, Texas and Miami, Florida. To learn more, visit JewelersMutual.com.