A professional services firm using a network of several computers discovers that a virus has entered its systems, despite the firm having anti-virus software and employee controls to prevent such incidents. Since anti-virus software only detects known viruses, this virus was able to enter undetected and was able to prosper and infect the computers. What complicated matters is that the virus allowed an external party responsible for spreading the malware to access the email account used on the original infected computer and gain access to highly sensitive business data, including client bank account details.
The firm was forced to erase, cleanse and restore all data from their systems in order to rid itself of the virus. The Insured's existing Public Liability and Professional Indemnity policies were unable to cover the majority of the costs, as data restoration damage caused by viruses were excluded from their first party coverage for both lines.
In this case, had they opted for a cyber liability policy, they would have received both first and third party coverage that would have accounted for: