A good cyber-insurance policy can help enterprises weather storms more effectively when a data breach or network security failure has occurred.

Cyber-insurance, now being offered by virtually all the major insurance companies, protects businesses and individual users from Internet-based risks—mainly ones relating to IT infrastructure and access to it. Risks like these are typically excluded from traditional commercial general liability policies, or at least are not specifically defined in traditional insurance products.

Cyber-insurance policies may include first-party coverage against losses such as data destruction, extortion, theft, hacking and denial-of-service attacks.

A policy may feature liability coverage indemnifying companies for losses to others caused by things like errors and omissions, failure to safeguard data or defamation.
In this eWEEK slide show, published with permission from CISO trade publication SecurityCurrent, 10 chief information security officers (CISOs) from various industries share insight on the future of cyber-insurance and tips for success. However, the adoption of cyber-insurance comes with a number of caveats, making it imperative for CISOs to take an active role in procuring policies.