Crime insurance, also known as fidelity insurance or employee dishonesty insurance, is designed to protect businesses against financial losses resulting from criminal acts committed by employees or third parties. It typically covers the following:
- Employee dishonesty: Losses due to employee theft, embezzlement, or fraudulent activities.
- Forgery or alteration: Losses resulting from forged or altered financial instruments.
- Computer fraud: Losses caused by fraudulent computer-related activities, such as hacking or funds transfer fraud.
- Funds transfer fraud: Losses arising from unauthorized electronic funds transfers.
- Counterfeit money: Losses due to the acceptance of counterfeit currency.
Cyber insurance, also referred to as cybersecurity insurance or data breach insurance, is designed to protect businesses against losses resulting from cyber threats and data breaches. It typically covers the following:
- Data breaches: Costs associated with data breaches, including forensic investigations, customer notification, credit monitoring, and potential legal liabilities.
- Cyber extortion: Coverage for expenses related to ransomware attacks or other forms of cyber extortion.
- Business interruption: Losses resulting from system disruptions or downtime caused by cyber incidents.
- Privacy liability: Legal costs and damages resulting from violations of privacy regulations or laws.
- Network security liability: Coverage for legal costs and damages arising from third-party claims related to network security failures.
While there can be some overlap between crime insurance and cyber insurance, they primarily cover different types of risks. Crime insurance focuses on financial losses resulting from criminal acts by employees and external parties. It includes coverage for employee dishonesty, fraud, forgery, and other forms of traditional criminal activities.
On the other hand, cyber insurance specifically addresses risks related to cyber threats, data breaches, and other cyber incidents. It covers costs associated with data breaches, cyber extortion, business interruption, and liabilities arising from privacy or network security failures.
However, there can be scenarios where the two types of insurance overlap. For example, if a cyber incident involves employee fraud or embezzlement, both crime insurance and cyber insurance may come into play to cover different aspects of the loss. In such cases, it's essential for businesses to carefully review their insurance policies and consult with their insurance providers to understand the extent of coverage and any potential gaps.
Business Need Both Kinds of Coverage
These two types of risks are the largest overlap between the two types of insurance policy because both risks involve criminal activity and direct losses but also occur in cyberspace and incur indirect losses.
Outside of instances where the policies overlap, the clearest way to delineate what event will trigger which type of coverage is to define if the loss was direct or indirect, tangible or intangible. But even that isn’t 100% accurate.
That’s why having both types of coverage is essential. With both policies, an organization has the broadest protection possible. In some instances, double coverage will provide additional protection for those instances of overlap, like with social engineering and FTF.
It's worth noting that the specific coverage and terms of insurance policies can vary widely depending on the insurance provider and the policy itself. Therefore, it's crucial to review the policy documents and consult with an insurance professional to understand the precise coverage offered by each type of insurance and any potential areas of overlap.