Beazley‘s new Breach Response Cyber Risk product has some new wrinkles worth paying attention to.
The notification costs section of the prior policy has been replaced by the Breach Response section of the policy. The breach response section of the policy will provide notification (including credit monitoring) for up to 2 million individuals plus up to $250,000 for forensic and legal expenses related to notification. The Breach Response Services are provided in addition to the policy limits applicable to the defense and indemnity of any claim made against the insured.
Target markets include:
Healthcare organizations (including hospitals, doctors’ groups and health insurers),
Higher educational institutions with revenues of more than $50 million,
Retail and hospitality companies with revenues of between $50 million and $3 billion.
$10 million capacity is reported.
Beazley Breach Response also features low retentions for this line of coverage – between $10,000 and $20,000 for attorneys’ fees, computer expert expenses and notification costs, and a retention of between 100 and 250 notified individuals for credit monitoring services.
The policy agrees to pay the costs of the notification for up to 2 million individuals. I interpret this change to a 2 million individuals limit (policies generally have $ limits, not per person limits) to be a response to the very substantial losses that some Cyber Risk carriers have paid for notification costs. It also has the added benefit to the insured that per individual costs don’t have to be estimated when selecting limits.
Interesting – I wonder if other carriers will follow suit?