Pillsbury's tips for reviewing cyber insurance policies—what to look for, ask for and include before you buy.
- Make sure your policy limits and sublimits are adequate
- Request "retroactive" coverage for prior, unknown breaches
- Watch out for "panel" and "prior consent" provisions that purport to tie your hands in responding to a breach
- Get coverage for claims resulting from your data vendors' errors and omissions, not just your own
- If you handle data for others, make sure your liability to them is covered too
- Seek coverage for "loss" of data, not just data theft
- Dovetail your cyber insurance with data vendor indemnities to maximize both
- Harmonize cyber coverage with your other insurance
- Get a subrogation waiver from your cyber insurer
- Negotiate favorable defense provisions
Download: Perspectives on Insurance Recovery - Summer 2012