Cyber
FAQ

CyberSecure with Philinsure

FREQUENTLY ASKED QUESTIONS

As of 08 August 2022

What is CyberSecure?

CyberSecure is a solution that helps protect your business against a cyberattack and its associated consequential financial and non-financial losses. Also known as cyber liability insurance, this commercial cover is designed to respond quickly to malware attacks, hacking events and electronic data breaches by funding an emergency response for mitigation of breach, pre & post investigation, and reimbursing losses. It covers your company’s losses and third-party losses (ex. your clients) in the event of a cyber-attack.

In the event of a cyber attack, CyberSecure will cover the first-party and third-party financial and reputational costs if data or electronic systems have been shut down, lost, damaged, stolen or corrupted.

First-party cover under CyberSecure includes the cost of investigating a cybercrime, recovering data lost in a security breach and the restoration of computer systems, loss of income incurred by a business shutdown, reputation management, extortion payments demanded by hackers, and notification costs, in the case you are required to notify third parties affected. Third-party coverages (that result from claims against you) include damages and settlements, and the cost of legally defending yourself against claims of a data breach.

Whether your IT network is compromised, causing your company to suffer a loss of valuable data, or, criminals ransom your company’s commercial information, we know recovery takes time and money. CyberSecure ensures that a team of specialists and breach response services are triggered within 24 hours to help your company, regardless of its size, boost resilience against cyber risks, paving the way for a swift recovery and return to normalisation of business activity.

What constitutes a cyber-attack?

A cyber-attack is when an outside entity, organization or body, infiltrates your business’s private network to shut down and steal your company’s, your employees’, and your clients’ sensitive information. This stolen information can be used for ransom and disseminated to the public.

Will my cyber insurance protect me if an employee caused the attack?

The trigger of the policy is a cyberattack event, regardless whether the affected IT system and network has been breached by an external or internal party, such as an employee. Cyber insurance protects you in the event of malware and phishing (and other network breaches) even if it has been caused by an employee unintentionally.

In what situations does CyberSecure NOT cover you?

As in other types of insurance policies, there are situations in which your CyberSecure policy can deny coverage. This happens most often when you have not made your premium payments or if a fraudulent and dishonest act has been committed.

Coverage is from policy inception, dormant malwares that may have existed within your IT System before the policy inception are automatically excluded. Make sure to also check the limits of your cover to avoid denied claims.

For my CyberSecure insurance, do I have to pay a deductible?

Yes, you will have to pay a deductible. Your deductible is determined based on your risk profile. If your turnover is below or up to USD20M, please complete the information on the Philinsure platform so you may immediately get a quote and details of coverage.

If I’m late on a payment, will my cyber security insurance be frozen?

Cyber security insurance will be cancelled if you do not meet the premium payment window as prescribed by insurer, based on your confirmed payment arrangements. Within the grace period for payment, however, your cyber security insurance will remain in effect.

How long does it take a cybersecurity company to process a claim?

Depending on the type of attack and your company size, it can take as long as two or three weeks for a claim to be processed.

How fast can incident reporting of cyber-attack be responded to through CyberSecure?

Incident reporting is responded to within a 24-hour turnaround time. Call the Philinsure hotline at +639177060397 to report an incident and subsequent breach responses are triggered from there.

How many businesses suffer from a cyber-attack a year?

Cisco’s “Cybersecurity for SMBs: Asia Pacific businesses prepare for digital defense” study (September 2021) revealed that 57% of small and medium-sized businesses (SMBs) across the Philippines suffered a cyber-incident over a 12-month period of the survey. Over a quarter of these cyber incidents cost the SMBs more than US$500,000.

According to Statista, in June 2021, there were 98.41 thousand cyberattacks reported in the Philippines, reflecting a significant decline from the same month of the previous year. The number of cyberattacks in the country were exponential during the first quarter of the year, reaching as much as around 1.76 million.

Globally, according to the Identity Theft Resource Center’s 2021 Data Breach Report, over 3M of email users worldwide are affected by a malware code. This is alarming especially when matched with Reboot Digital PR services’ study that recently revealed the Philippines ranking 9th among the least cybersecure in Asia (06 August 2022, The Inquirer). Furthermore, Allianz’s 11th risk survey has also warned corporations that cyber perils outrank business interruption, natural disasters, and COVID-19 for 2022, with broken supply chains as top global business risk.

Some key information about the Philippine Cyber Security Threat Landscape (Source: MEC Corporation):

What are more common cybercrimes that Philippine-based companies should guard against?

Unfortunately, even some of the most tech-savvy individuals can fall victim to cybercrime. While there are numerous types of criminal activities occurring online, there are a few common cybercrimes to be aware of:

• Malware
  A form of malicious software that can install itself in your systems via phishing scams and by exploiting software vulnerabilities. Once installed, the attacker can spy on online activities and steal private data.
• Ransomware
  This a form of malware that attacks your computer system and encrypts data. The attacker will then demand a ransom payment in exchange for the return of the data. It’s worthwhile to formulate a data recovery plan as a precaution and maintain at least one backup of your data.
• Hacking
  Cyber hacking is a term used for the partial or complete acquisition of a computer system or certain functions within it. There are various methods of doing so, but the aim is generally to access important data. Most of the hacking happen through information gathering and reconnaissance (e.g., innocuous attachments to emails, phishing).According to Athesya, there are ten types of attacks, all in all, that affect our most important intangible assets (our data). They are as follows:

If I don’t have cyber insurance, what would it cost out of pocket to pay for cyber-attack damages?

Cyber-attacks cost companies like yours an estimated $400 billion a year altogether. On average, a cyber-attack costs individual businesses $38,000 a year.

Is cyber insurance compulsory by law?

Cyber insurance is not compulsory by law in Philippines, but, many businesses and government agencies are already taking up precautionary measures to combat online threats such as malware, political espionage, ransomware etc. To check gravity of cyber threats in the Philippines, check: How many businesses suffer from a cyber-attack a year? Regardless, whether it is a large corporate or a small enterprise, as long as you conduct your business with an IT System or have an online presence, cyber risk is inevitable and necessary.

Who needs cyber insurance?

If your business uses, sends, or stores electronic data, you may benefit from cyber insurance. That data, whether it belongs to the business or is sensitive customer information, is vulnerable to cyber-attacks and data breaches; cyber insurance can help with the cost of recovery.

This is why cyber insurance is an important part of corporate company risk management, whatever the size, as it offers financial support if the worst happens.

How much does cyber insurance cost?

The cost of cyber insurance depends upon several factors, including the business’ annual revenue, the business activity it functions within, the type of data held, and the level of network security.

Certain sectors are more vulnerable to cybercrime and will, therefore, require a higher level of coverage.

For example, companies that hold an extensive number of personal records, such as in finance and healthcare, are at greater risk than a sector like catering, for example. The best way to find out how much it would cost to cover your business is to run an online quote through this platform.