The Tribune

NUA Insurance Agents & Brokers is targeting up to 3,000 clients with its newly-launched cyber liability insurance coverage, a product designed to give businesses protection from online exposures such as e-theft.

The wholly-owned Bahamas First subsidiary, which is the first to launch this type of coverage in this nation, unveiled the product to a cross-section of the business and insurance community last week at the British Colonial Hilton.

NUA’s assistant managing director, Stanford Charlton, said the company had been closely monitoring hacking and cyber attacks that are happening internationally, and felt it was time to introduce the product to the Bahamian market.

Over the Christmas holiday, hackers stole the credit and debit card information of millions of Target’s customers. The US retailer is now facing a string of lawsuits over its data breach.

“We said if it can happen in Europe, Asia, the United States and other places, it’s at our doorsteps. We need to take this thing seriously and bring it here,” said Mr Charlton.

“We follow closely what happens in the United States. Once the claims start to happen there, people will look at the Bahamas as an easy target, so we realised that we had to bring that insurance product here.”

Mr Charlton said that if a company’s IT system is breached, and its clients’ personal information is accessed, it may face stiff fines or penalties under the Data Protection Act if adequate safeguards were not in place. Cyber liability insurance gives cover for these fines.

NUA’s managing director, Warren Rolle, said that since the launch the broker/agent had gotten “quite a number of inquiries from a number of our competitors”.

“So, we’re pretty sure that they are going to follow suit at some point,” he added.

Mr Charlton explained that NUA’s staff underwent extensive training over several weeks to become familiar with the product. It later invited Charles Juarbe, divisional director of global insurance broker, FINEX Global & Willis, to discuss the coverage during the launch.

He added: “I have been getting calls non-stop asking about cyber liability insurance, and when I explain what it covers and what some of the ramifications of computer hacking are, clients want to know more.

“This was a timely presentation and I hope it sensitises the public to knowing and understanding that they need to get this insurance.

“We are live with the facility, so when clients call us we can give quotes within 20-25 minutes once they provide us with information on their turnover, the number of employees and what limits they want. They can get quotations back quickly.”

Mr Juarbe said his company decided to partner with NUA because the latter has a “strong presence” in the Bahamas.

He advised companies dealing with customers’ sensitive data to be careful when selecting outside vendors.

“As a company, you have to ask yourself two questions – one, are you managing the IT system, and two, are you outsourcing that IT system,” Mr Juarbe said. That’s the difference.

“Sometimes you have a company like a restaurant, and you have the owner in the back, but he’s only just plugging information in, in terms of profits and sales.

“Who is providing that point of sale system or payment providing system? That’s not going to be them; that’s an outsourced vendor. Then what you need to do is question that outsource vendor: Do you have the firewalls, the anti-virus systems to make sure you are providing adequate coverage for me because, even though the restaurant is going to get coverage, they also need to make sure that the outsource provider is providing them that same protection as well. People need to know the answer because the risks and the losses are real.”

Mr Juarbe said there was a minimum and maximum revenue requirement when it came to securing cyber liability insurance with NUA.

“So, if your company is making $200 million in gross revenues and more than $30 million in net profit, obviously you’d be too big for the facility. But that doesn’t mean that you can’t get coverage. What we could do is go to open market, access other markets to get quotations for you,” he said.

“To be excluded from the cyber facility there would have to be a risk that we’d have to say is beyond the regular small medium enterprise risk. There are some classes of business that will fall out, obviously, because of the higher risk that they have, such as financial institutions or hospitals or technology companies.

“But does that mean that we can’t get them coverage? Absolutely not. We can get them coverage and we can get them whatever limit that they’re looking for.”

Mr Charlton said the cost of the cover is dependent on the type of business, its annual turnover and the number of employees it has. Coverage ranges from $250,000 up to $2 million.

“Premiums are quite reasonable, $412 for $1 million coverage for certain companies,” he said. “It’s a quick process. We promise that you will be in and out as long as we have the right information.”