DEFINITION of Computer Crime Insurance
Computer crime insurance is a type of insurance policy that provides protection from crimes committed through the use of a computer by a company’s employees. Computer crime insurance covers losses that directly result from the use of a computer, and often focus solely on the transfer of property from within the company to parties outside of the company, or vice versa.
This kind of policy may be contrasted with other types of "cyber" insurance coverage purchased by individuals, for example to protect from identity theft, credit card fraud, or theft of cryptocurrency from personal 'wallets'.
BREAKING DOWN Computer Crime Insurance
Insurance companies often have long histories of underwriting life, property, and liability policies, and can use actuaries to determine whether risks are changing over time. Most risks that policies cover tend to not evolve very quickly: insurance policies covering floods and fires are not covering a novel form of risk. The use of computers, smart phones, and other electronic devices, however, has changed dramatically over the past few decades.
The amount of risk that a company may face when it comes to crimes committed through computers is hard to estimate. A company may recognize that it needs to create a firewall to prevent employees from transmitting certain types of data, but creative employees may be able to circumvent firewalls anyway. Computer crime insurance policies have to properly define what devices are considered computers, and what activities done on a computer may constitute a crime.
These policies are different from other computer-related insurance coverages that are meant to protect individuals personally from identity theft, or other crimes where they are the victim - rather than where the firm is the victim of an unscrupulous employee or group of employees.
A company, such as a financial firm or a claims processing company, that chooses to purchase computer crime insurance needs to ensure that its coverage applies to a broad set of situations. For example, the coverage language may say that the insured can only file a claim if losses were caused by computer access by an unauthorized party, such as a hacker. In this case, a crime committed by an employee may not be covered, as the employee is considered an authorized user of the company’s computer system. Computer crimes perpetrated by a company's employees may also fall under a firm's blanket bond coverage as well, protecting the company from damages caused by its employees or contractors.