by: Leonardo Neri
Hiring insurance to mitigate financial risks is essential in a process of mergers and acquisitions (M&A). Usually these insurances aim at protecting the Data Protection Officer or even the Parent Company, so we highlight the main insured points:
– Responsibility for privacy;
– Responsibility for Network Security;
– Liability for electronic content;
– Cyber-extortion;
– Loss of digital assets;
– Lost Profits / For business interruption – arising from cyber risk.
It is worth pointing out that no company is 100% immune to cyber attack. Likewise there is no policy that covers all the risks involved. Examples of company insurance:
– Cyber Liability and Data Protection Insurance;
– Fraud Insurance; etc.
For the DPO:
– Professional Liability Insurance;
– Directors Liability Insurance;
– Kidnapping Insurance;
– Personal Image Management Insurance, etc.
A point of attention for the DPO is to require a third-party cyber risk insurance policy, as well as an adequate privacy policy, especially for third parties who have access to sensitive data.
It is better that the partner’s insurance policy is triggered, and not the DPO’s company’s policy, even though there are insurances that cover this area and future right of return.
As for key suppliers, it is also important to find out whether they have insurance against cyber attack. At key suppliers, especially in the case of interruption of operations and system fires, where there is a dependence on the supply of raw materials.