Insurance for IT Assets

Understanding IT Asset Insurance

IT assets represent a significant capital investment for most New Zealand businesses. Protecting these assets from damage, loss, or theft is essential for maintaining operations and financial stability. Insurance policies can cover a range of scenarios, from physical damage to cyber incidents.

Common types of insurance relevant to IT assets include:

• Material Damage: Covers physical loss or damage to hardware from events like fire, flood, or accidental damage.
• Business Interruption: Provides cover for loss of income and increased costs of working following an insured event that disrupts business operations, such as a major IT system failure.
• Cyber Insurance: Specifically designed to cover risks associated with cyber incidents, including data breaches, ransomware attacks, and system outages. This can include costs for forensic investigation, legal fees, notification expenses, and business interruption losses.
• Transit Insurance: Important for businesses that frequently ship IT equipment, covering loss or damage during transportation.

The Role of an Insurance Broker

For New Zealand businesses, engaging an insurance broker is a common and recommended approach to securing comprehensive IT asset insurance. Brokers act as intermediaries between businesses and insurance providers. They possess expertise in the insurance market and can help identify specific risks and suitable coverage options.

A broker can assist with:

• Assessing your organisation's unique IT risk profile.
• Navigating the complexities of various policy wordings.
• Sourcing competitive quotes from multiple insurers.
• Negotiating policy terms and conditions.
• Providing support during the claims process.

This approach helps ensure that your insurance coverage aligns with your business operations and potential exposures, preventing gaps in protection that could lead to significant financial implications.

Key Considerations for IT Asset Coverage

When reviewing or procuring IT asset insurance, several factors warrant attention from procurement and finance teams:

• Asset Valuation: Ensure hardware and software are valued accurately for replacement cost or agreed value.
• Scope of Coverage: Understand what events are covered and what exclusions apply. For example, some policies may exclude damage from electrical surges or specific types of cyber-attacks.
• Data Recovery: Confirm whether data recovery costs are included, especially under cyber insurance policies.
• Business Interruption Triggers: Clarify the conditions under which business interruption cover activates.
• Geographic Scope: If your IT assets are used across multiple locations or by remote staff, ensure the policy covers all relevant areas.
• Policy Excesses: Be aware of the deductible amounts that apply to different types of claims.

Regular review of your insurance policies, ideally annually and after any significant IT infrastructure changes, is good practice. This ensures that coverage remains adequate and relevant to your evolving business needs.

Understanding Cyber Insurance

Cyber insurance has become increasingly important for protecting IT assets, especially data. It is distinct from traditional property insurance, which typically covers physical damage. Cyber policies address the financial impact of cyber events, which can be substantial.

Typical coverages under a cyber policy may include:

• Costs associated with data breaches, including forensic investigation, legal advice, and regulatory fines (where insurable).
• Business interruption losses due to network outages caused by a cyber-attack.
• Ransomware negotiation and payment (subject to policy terms and legal compliance).
• Reputational harm and public relations costs.

This is general information only — consult your accountant, lawyer or IRD for advice specific to your situation.