DBA Insurance Agent
Passwords Protecting Networks

Over the past several years, cyber attacks have risen exponentially. No longer relegated to large companies, smaller government contractors are prone to frequent, lower cost losses…all of which may be covered under a well structured cyber liability policy. Although not required by federal contract, cyber liability insurance is recommended for all government contractors.

Cyber Liability is not a requirement for Government Contractors according to the FAR unless specifically identified in the contract document. However, it is often required by a Prime contractor or commercial business.

Strong cyber compliance (NIST 800-171 or CMMC) can and should be leveraged by the government contractor applying for cyber liability insurance. Such strong security measures will enhance the marketability of the insurance through the eyes of the underwriter.

Key exposures present to government contractors involve ransomware attacks and social engineering claims (fraudulent transfer of monies).

Key apsects of cyber liability when considering coverage include:

1st and 3rd party liability

Business Interruption

Media Content

Information Privacy

Cyber Extortion

Reputatinoal Harm

Network Security

Financial Fraud

System Failure

As a result of professional liability not being contractually required, many government contractors decide against its placement. It is important however, to consider the coverage with a simple quote in order provide a reference point to future insurance and risk costs should it be required.

What do underwriters look for?

  • Multi-factor Authentication
  • Endpoint Detection and Response
  • Encrypted Backups
  • Patch protocols and end-of-life software
  • Open RDP ports
  • Security Operation Center
  • PAM Tooling
  • Incident Report Plan