Comprehensive Data Compromise, Computer Attack Solution
Individuals, businesses and government entities continue to be concerned about falling victim to a cyber-crime or data breach. These concerns are not lost on MCIT or its members. As such, MCIT provides a comprehensive program of data compromise and cyber-attack coverage, including hacking, malware, ransomware (cyber extortion), viruses and even simple acts of neglect by employees.
Cyber Suite Coverage Summary
The MCIT data compromise and cyber-attack coverage solution (Cyber Suite) is issued and administered by Hartford Steam Boiler (HSB). HSB’s suite of coverage is provided to all MCIT members without the need for an underwriting questionnaire.
Cyber suite is comprised of five separate coverage sections providing a combination of first and third-party coverages. The coverage is designed to cover first-party expenses incurred by the member when responding to a personal data compromise or computer attack. It also provides liability defense and settlement cost coverage when responding to third-party claims made against the member by individuals affected by a data compromise, network security or electronic media incident.
Cyber suite coverage is provided to MCIT members on an annual aggregate basis. Generally, county members have a $250,000 coverage limit and noncounty members have a $50,000 coverage limit, which is provided to MCIT members at no cost. Members have the option of purchasing increased coverage limits up to $1 million if they qualify. Importantly, the applicable coverage limit is apportioned equally between first- and third-party coverages and apportioned further by the application of settlement, defense and sublimited coverages.
Members should refer to their declarations pages in their current MCIT Coverage Document for a listing of their specific coverage limits and sublimits by coverage section.
- First-party data compromise response expense coverage is for members responding to a compromise arising from the loss, theft, accidental release or publication of personally identifying or personally sensitive information (e.g., health information, Social Security numbers or account numbers) that could be used to commit fraud or other illegal activity against the individual. Importantly, a data compromise event does not have to arise from the use of a computer or cyber-activity.
- Third-party data compromise and liability coverage responds to a covered liability claim or regulatory proceeding against the member arising from its data compromise. Coverage applies to the defense and settlement of the claim.
- First-party computer attack response expense coverage responds to a member’s discovery that a computer attack, such as a hack or unauthorized access to a computer system, attack by a virus or other malware, or a denial of service attack (cyber extortion/ransomware) to the member’s system has affected a computer owned or leased by the member or a computer operated by a third-party hosting service provided under contract.
- Third-party network security liability coverage responds to a covered liability claim or regulatory proceeding against the member arising from an attack on the member’s computer system.
- Third-party electronic media liability coverage responds to a covered liability claim alleging that information displayed on the member’s website resulted in: 1) the infringement of another’s copyright, trademark, title or service name; 2) defamation against a person or organization; or 3) a violation of a person’s right of privacy.
The above is a brief summary of the coverage provided. Members should read the entire section related to this coverage in the current year’s MCIT Coverage Document for a full explanation of the coverage and conditions and be alert for MCIT educational resources.