Understanding your cyber coverage

Your cyber policy provides coverage for cyber-related third party liability claims, first party losses and cybercrime claims. A copy of the policy is available to law firm designated representatives through the law firm information section of the Law Society Member Portal.

We are providing brief descriptions of what is covered under your cyber protection policy. These are for informational purposes only. Your policy wording will govern.

Third party liability for security, privacy and media breaches:

Network and information security liability A failure in your computer security, an unauthorized disclosure of personally identifiable or corporate information, or a failure to comply with privacy legislation.
Regulatory defence and penalties Covers costs to comply with regulatory proceedings and related fines and penalties.
PCI fines and assessments Payment card industry fines or assessments as a result of a credit card breach in your system.
Multimedia content liability Any tort related to disparagement or harm to the reputation or character of any person or organization, violation of privacy rights, plagiarism, piracy, or other IP infringement connected to the use of a computer.
Funds transfer liability A failure in your computer security allowing an attacker to steal passwords and access banking information, then use that information to fraudulently transfer funds from a bank account controlled by you, including trust accounts.

First-party loss coverages:

Breach response services Initial breach triage support and guidance from Coalition and/or their vendors (legal, forensics, etc.)
Breach response costs Once it is determined a breach has occurred, these are the costs to remediate the breach, notify affected individuals, credit monitoring, etc.
Digital asset restoration Restoration or recreation of data that has been corrupted, deleted, encrypted, etc.
Direct and contingent business interruption, and extra expenses from security failure and systems failure Covers the net income loss as a result of network downtime of the firm's systems, or third party systems that they rely on, caused by a bad actor beaching the firm’s system (Security Failure) or an IT error/system glitch (System Failure).
Reputational harm loss Net income loss as result of the damage to the firm’s reputation in the marketplace.
Computer replacement and bricking Covers hardware that has been damaged due to a security breach of the firm’s system.
Crisis management and public relations The cost to hire a public relations firm, call centre and other support to help the firm manage the breach.
Court attendance Costs to attend court when tied to a security breach.
Criminal reward A reward to help lead to the safe retrieval of the firm’s data.
Proof of loss preparation expenses Covers the cost of an accountant helping document your lost income and additional expenses from a disruption in your computer network.

Cybercrime coverages:

Funds transfer fraud, personal funds fraud, and social engineering Covers money fraudulently transferred from a firm’s account, not limited to a trust account, including if the firm sends the money themselves after being duped into doing so by a bad actor.
Service fraud including crypto-jacking A bad actor steals the firm's computing power to supply crypto mining operations.
Invoice manipulation The firm’s invoice is manipulated leading their client to send the money to the wrong people.
Phishing Covers your client’s loss as a result of a phishing attack impersonating you as well as costs related to preventing and mitigating such incidents.