As important as cyber insurance, it does tend to have some gaps which need to be filled. The best way to fill these gaps is having proper understanding of the policy. When we talk about cyber-attacks, too often we focus our attention to business and business related devices and technologies. if we should take things as they truly occur in reality, we all would agree that employees often use their personal devices for work related activities.
As a matter of fact, some businesses even make this acceptable as they encourage it to boost productivity. Just like any device in your business is vulnerable to data breach, the same applies to those personal devices of your employees. The truth is that your standard cyber insurance policy does not include these employees’ devices to its coverage.
BYOD generally stands for ‘Bring Your Own Device” and covers all devices that are not registered to the business. So when reading through your policy, you should make it clear to the insurer that the term ‘computer system’ is not just limited to your business owned computer systems. Without the BYOD included in the policy, it means if the data breach occurs through your employee’s personal devices, the insurer would not take responsibility for such damage or loss.
