Cyber insurance is a special insurance policy that covers your business’ losses and liability for intrusions into your business’s computers, computer networks, software, payment processing, and other information technology (cyber events). Cyber events that may be covered by cyber insurance include data breaches, malware, ransomware, viruses, spyware, wire transfer fraud, phishing, denial-of-service (DoS) attacks, Trojans, adware, botnets, man-in-the-middle attacks, credit card web skimming, and others.

In addition to breaching a business’s own valuable information and processes, a data breach may target a business’s sensitive customer information, such as credit card numbers, account numbers, telephone numbers, mailing addresses, passwords, driver’s license numbers, Social Security numbers, health records, and other personally identifiable information (PII).

In South Carolina, businesses can obtain cyber insurance to protect against the financial consequences of cyber events such as data breaches, malware, ransomware, and other IT security incidents. Cyber insurance policies typically cover expenses related to responding to a cyber incident, including investigation costs, public relations efforts, legal fees, and notification costs for affected individuals. Additionally, these policies may cover regulatory fines and penalties, as well as losses from business interruption. It's important for businesses to understand that South Carolina has specific data breach notification laws, outlined in the South Carolina Identity Theft Protection Act (SC Code § 39-1-90), which require businesses to notify affected individuals in the event of a data breach involving personal identifying information. Failure to comply with these laws can result in penalties, making cyber insurance an important consideration for risk management. Businesses should work with an attorney to ensure that their cyber insurance policy provides adequate coverage in compliance with applicable state and federal laws.