What is a Waiting Period in Cyber Insurance?

Your business faces many risks, but an ever-present threat is cyberattacks. UK firms are uniquely positioned because the UK reported the highest rate of cyberattacks of any European nation.

For this reason, cyber insurance is a must-have for any business serious about its security. This guide discusses waiting periods in cyber insurance and how these policies protect you against business disruption.

How do cyberattacks cause business interruption?

Cyberattacks have various consequences for businesses that fall victim to them. Entrepreneurs are often unaware of the threat they face. According to government statistics, 57% of small firms suffered a cyberattack in 2022.

So, what type of business interruptions can result from a successful cyberattack against your company?

  • Downtime – Attacks like the Distributed Denial of Service (DDoS) attack can bring down your network, preventing you from operating anything that requires your critical systems.
  • Data Breaches – Cyberattacks that breach your organisation’s data can result in time taken away by lawsuits, investigations and fighting customer service fires. In the UK, the average cost of data breaches has increased by 8.1% in the last year.
  • Productivity Drop – IT teams and other employees must divert their attention from their day-to-day work to address the aftermath of a cyberattack. This ultimately results in a significant loss in productivity.
  • Financial Losses – Financial losses can arise from stolen funds, lawsuits, recovery costs, fines, etc. Significant financial losses can cripple your cash flow and prevent you from making the investment decisions you want.
  • Reputational Damage – High-profile attacks can result in the erosion of consumer confidence. Whether a cancelled contract or an existing client lost, every hit to your reputation disrupts your business operations.

These different types of business interruption merely scratches the surface of what is possible. According to the US National Cyber Security Alliance, 60% of small businesses that suffer an attack will close their doors within six months.

Due to the immense risk and disruption resulting from a cyberattack, every UK firm should have a comprehensive cyber insurance policy that protects them and approves claims quickly.

What is a waiting period in cyber insurance?

Waiting periods within cyber insurance are the specific periods that must elapse before you can make a relevant claim after buying your insurance policy. Any cyberattacks will not be covered under your insurance policy during the waiting period.

But why have a waiting period at all?

Cyber insurers include waiting periods to hold the company responsible for the initial period of downtime, meaning any short-term issues would not result in a claim being paid. 

All waiting periods are set by the insurer, meaning that times will vary. However, it’s common to have a 8-12-hour waiting period on most cyber insurance policies. Do ask your insurer about specific waiting periods for certain types of claims.

What is the indemnity period for cyber insurance?

The indemnity period is the period from which the business interruption first occurs to the point it ends. Similar to the above this is set by the insurers and can vary from policy to policy. 

The most common indemnity period we see on cyber insurance policies is 12 months. What this means is that any interruption to the business occurring after this period would not be included in any claim. It is important to consider how long it would take your business to recover from a cyber incident when assessing the indemnity period. 

Some factors that can help minimise any business interruption can include:

Risk Management – Insurers have indemnity periods to control their risk exposure. It allows them to assess potential payouts and provide accurate and affordable policy quotes for all.

Timely Reporting – Unpicking complex historical claims is notoriously time-consuming. Indemnity periods encourage timely reporting whilst the incident is fresh and easily assessed.

Business Continuity – Cyber incidents are unique because they have short-term and long-term effects on businesses. The indemnity period is designed to cover losses during a recovering business’s most vulnerable period, which is immediately after an attack.

Speak to an insurer about your indemnity period so that you can enter it into your incident response plan.

Does cyber insurance cover business interruptions?

Generally, cyber insurance will cover business interruptions. However, the key is that the interruption must originate from a covered incident.

For example, some insurers exclude coverage for disruption caused by social engineering fraud, such as spear phishing. Instead, they either don’t offer this coverage or make it available as an add-on.

Within the context of cyber insurance, some of the scenarios whereby your insurance would cover your losses caused by business interruptions include:

Ransomware Attacks – If your data becomes encrypted because of a ransomware attack, cyber insurance will typically cover all your losses during your recovery period.

DDoS Attacks – These attacks can overwhelm your servers and bring down your network, leaving your firm offline and helpless. Thankfully, your cyber insurance coverage can cover any loss of income whilst your business remains unavailable.

System Outages – Data breaches or infrastructure-based cyber attacks can also result in interruptions. Cyber insurance can provide you with a lifeline whilst your systems remain down.

How to protect your business against interruptions due to cyber attacks

Protecting your business against interruptions means initiating an action plan for prevention. With so many attack vectors, you require a multi-layered approach to cybersecurity, which may involve discussions with a security consultant.

Here are some top tips for reducing the chances of business interruption:

  • Install cybersecurity solutions like firewalls, intrusion detection systems and encryption tools.
  • Train employees to boost their awareness of common threats, such as phishing.
  • Create an incident response plan and test it via simulated exercises.
  • Back up data offline and maintain it in a separate location.
  • Use multi-factor authentication and Virtual Private Networks (VPNs) to allow secure remote access to your network.
  • Continuously monitor network activity and act against suspicious activity.

Above all, ensure that you hold a relevant cyber insurance policy. At Stanmore Insurance, we are proud to support UK businesses in finding the right cyber insurance for them. To learn more or get a quote, contact the Stanmore Insurance team today.