Observers say coverage for regulatory investigations is available under cyber insurance policies.
Cyber policies with the coverage will respond to defense costs the insured organization incurs as a result of a regulatory proceeding, as well as any fines or penalties that may be assessed against an organization, said Meredith Schnur, Madison, N.J.-based senior vice president at Wells Fargo Insurance Services USA Inc.
It may also cover the funds an organization may be required to pay for consumer redress when there are monetary damages, she said.
While some cyber policies offer the full limit for regulatory actions, others have a 50% sublimit, she said. Some still offer only 10% to 15%, though those are less popular.
Companies can expect more Federal Trade Commission investigations of their data security practices as a result of a judge allowing the FTC to sue the Wyndham hotel chain on grounds it failed to adequately protect customers' personal information.