comparing-a-cyber-loss-and-a-fire-loss Back to news grid

Comparing a cyber loss and a fire loss

No one wants to have to claim on their insurance. All losses have a detrimental effect on individuals and businesses alike. They can affect business continuity, lead to loss of reputation and, at worst, imperil the very existence of companies.

With the rise in cyber-crime, there has been a rise in insurance claims. Cyber-crime is insidious, unseen and potentially multi layered and intricate. With other physical losses, such as fire, it is likely that you will have a good idea as to what to do in the event of a claim.

Cyber can feel more complex due to it being a newer risk and its intangible nature. We have put together the instructive table below which outlines how a cyber loss can be more similar to a traditional fire loss than you might first think.

Fire loss – Electrical fault causes massive fire at head office premises

Immediate reaction:

  • Fire needs to be extinguished.

Immediate consequence:

  • Building cannot be accessed.

Secondary reactions:

  • Alternative office space is required.
  • Cause of fire needs investigating.
  • New equipment needs to be purchased.
  • Offices need to be rebuilt.
  • Office fit out.
  • Loss of time having no offices.
  • Lost sales.
  • Crisis containment/PR.
  • Fines and penalties.

Secondary consequences:

  • Alternative accommodation requires paying extra rent.
  • Loss adjusters’ costs.
  • Investigations take up management time.
  • Funds required for new equipment.
  • Funds needed to rebuild/repair damage, depending on the severity of the fire.
  • Funds required for replacing lost contents.
  • Overtime required to catch up with the down time to minimise impact on business.
  • Having no office can result in a direct loss of custom, new orders cannot be taken, existing orders are delayed and there is a direct impact on cash flow.
  • Business moves to competition.
  • In the event of a fire loss, a company would want to reassure its customers that it’s still able to trade and fulfil requirements to help minimise the damage to a company’s reputation and any loss of trading. This could extend to any environmental impact and responses may include a formal communication strategy to running a 24/7 crisis press office, depending on the severity.
  • H&S investigations may possibly lead to fines of prosecution.

Cyber loss – Employee clicks on malicious link and systems are encrypted

Immediate reaction:

  • Virus needs to be removed from the system.

Immediate consequence:

  • IT systems cannot be accessed.

Secondary reactions:

  • Alternative means of communication and working required in the short term.
  • Cause of computer failure needs investigating to prevent reoccurrence.
  • New ‘clean’ equipment is required that is virus free.
  • Systems need rebuilding, data needs to be reconstructed.
  • Systems need testing to see if they work before roll out.
  • Lost time in having no systems.
  • Lost sales.
  • Crisis containment/PR.
  • Fines and penalties.

Secondary consequences:

  • Labour intensive as creates large amounts of offline information.
  • Specialist IT forensic teams are highly expensive.
  • Investigations take time which means systems are still inaccessible.
  • Some equipment might be irrevocably damaged in the attack and needs replacing.
  • It takes time – data which cannot be restored from backups needs to be manually restored. This means it could be labour intensive as extra staff are required.
  • Creates time delays and prevents use of systems, compounding extras costs once systems are restored.
  • Overtime to catch up – all the information created offline now needs to be entered back on to the system.
  • No IT systems means new orders cannot be processed, existing orders are lost, invoices cannot be generated and sent out and there’s a direct effect on cash flow.
  • Business moves to competition.
  • In the event of a data breach, prompt and confident notification and communication is critical to help minimise the damage to a company’s reputation. Responses may include a formal communication strategy to running a 24/7 crisis press conference depending on the severity.
  • GDPR/ICO investigations and penalties, PCI investigations and fines.

While Cyber Insurance cannot stop hackers and cybercriminals, it can help you get back on your feet if you are a victim of cybercrime. This includes recovering data, restoring systems and loss of income. With more businesses relying on digital channels and operating remotely during the pandemic, having Cyber Insurance has never been so important.


Share this story on your social media:

Share this story on your social media:


Huddersfield office

Northumberland House
Northumberland Street

Huddersfield
West Yorkshire
HD1 1DT

Tel: 01484 820000

Sheffield office

4 Park Square
Newton Chambers Rd

Thorncliffe Park, Chapeltown
South Yorkshire
S35 2PH

Tel: 0114 2965760

#theeastwoodway  |  hello@eastwoodib.co.uk

Eastwood Insurance Brokers is a trading style of Eastwood and Partners Ltd, authorised and regulated by the Financial Conduct Authority. Registered office: Northumberland House, Northumberland Street, Huddersfield HD1 1DT. Registered in England and Wales company no. 2560460.

Our privacy notice