Cyber insurance is a special insurance policy that covers your business’ losses and liability for intrusions into your business’s computers, computer networks, software, payment processing, and other information technology (cyber events). Cyber events that may be covered by cyber insurance include data breaches, malware, ransomware, viruses, spyware, wire transfer fraud, phishing, denial-of-service (DoS) attacks, Trojans, adware, botnets, man-in-the-middle attacks, credit card web skimming, and others.

In addition to breaching a business’s own valuable information and processes, a data breach may target a business’s sensitive customer information, such as credit card numbers, account numbers, telephone numbers, mailing addresses, passwords, driver’s license numbers, Social Security numbers, health records, and other personally identifiable information (PII).

In Rhode Island, cyber insurance is designed to mitigate the risks associated with electronic business operations by providing coverage for various cyber events. These events can range from data breaches and malware attacks to more sophisticated cyber threats like ransomware and phishing schemes. The state does not have specific statutes that mandate businesses to carry cyber insurance; however, Rhode Island does have data breach notification laws that require businesses to notify affected individuals in the event of a security breach involving personal information. This is outlined in the Rhode Island Identity Theft Protection Act of 2015. Cyber insurance policies in Rhode Island typically cover expenses related to the breach, such as notification costs, credit monitoring services, legal fees, and regulatory fines. Additionally, they may cover liability for loss of third-party data and business interruption costs. Businesses handling sensitive customer information, such as PII, are encouraged to consider cyber insurance as a part of their risk management strategy to protect against potential financial losses and legal liabilities arising from cyber incidents.