Skip to content

What is cyber insurance coverage?

No business is safe from cyberattacks. It doesn’t matter if your business is a large corporation or a little-known company. In fact, small businesses are the number one target because cybercriminals know small business owners are less likely to have sufficient protection in place. This makes it even more urgent for small businesses to have cyber insurance coverage.

Key Overview

  • Cyber insurance coverage is an investment that can protect your business from financial losses after a cyberattack.
  • Cyber insurance comes in two options: first-party and third-party coverage. Most cyber insurance will cover data breaches and leaks, network breaches and attacks, global incidents, and cyberterrorism.
  • A good cyber insurance policy will include privacy liability, media liability, and cover your network security and business continuity.
  • Most general liability business insurance does not cover cyberattacks, meaning that the only way to be insured against cyberattacks is with cyber insurance.

What is cyber insurance?

Cyber insurance protects your business against financial losses after a cyberattack. The cost of recovering from a data security incident can be astronomical, especially if you get fined by regulatory agencies. Cyber insurance coverage is a small investment that can prove to be a lifeline if you experience a devastating attack.

What Does Cyber Insurance Cover?

The best coverage will be first-party and third-party coverage. First-party coverage will protect your company’s data as it’s in your possession. This includes business, client, and employee data. Third-party coverage will protect your company from third-party lawsuits, claims, and settlement expenses.

Generally speaking, your policy should cover the following incidents in some form:

  • Data breaches and data leaks

  • Cyberattacks against your third-party software vendors

  • Network breaches and attacks

  • Incidents that happen across the world, not just in your home country

  • Cyber-related terrorist acts

How Much Cyber Insurance Do I Need?

In general, a good policy will cover the following costs:
  • Forensic services to identify the cause and extent of the breach
  • Legal fees
  • Public relations services
  • Lost business income
  • Ransoms and fines related to the security incident
  • Data recovery and replacement fees
  • Call center fees to provide information to your customers

With some policies, your provider will defend you during an investigation or lawsuit, and sometimes, they’ll provide you with a breach hotline you can call 24/7.

Not all policies include ransomware insurance coverage, but since ransomware can be devastating, it’s critical to get a policy that includes this coverage.

If you’ve never invested in this type of policy, here’s what to look for in cyber insurance coverage.

Errors and Omissions

When technology fails in a way that prevents you from fulfilling your contractual obligations, it can be a big problem. For instance, if you get hit by a ransomware attack and don’t have a backup of your client’s project, you’ll miss the delivery deadline and probably be unable to deliver the project in its entirety.

Ransomware isn’t your fault, but that doesn’t matter in a legal sense. You’re obligated to fulfill your contractual obligations to your clients whether a disruption is your fault or not. If you don’t, your customers or clients can sue you for negligence or breach of contract.

With cyber insurance coverage, you’ll be protected from claims regarding failure to fulfill promised services. This coverage often covers legal fees for disputes arising from a security incident.

You can’t predict when or if your services will fail, but you can be prepared by getting cyber insurance coverage just in case.

Privacy Liability

When choosing a cyber insurance coverage policy, it’s critical that privacy liability be included in your policy if you handle any kind of personal information. This applies to customers and employees. Any kind of data breach or leak that exposes personal information is a lawsuit waiting to happen. Data compromise coverage is the only way to protect your business from what could end up being a multitude of lawsuits.

When you have privacy liability coverage, your business will be protected against liability claims stemming from data privacy law violations. The coverage can be used for regulatory fines as well as the cost of the investigation, which agencies generally pass on to the business.

Media Liability

In the United States, intellectual property (IP) is serious business. If you commit IP infringement while advertising for your business, media liability will cover you.

This applies to all of your advertising efforts, including print and digital. For instance, coverage will apply to direct mail marketing, billboard advertising, radio and television ads, PPC marketing, and social media posts.

Media liability doesn’t cover patent infringement, but it will cover copyright infringement claims. For instance, if one of your employees uses a copyrighted image in your PPC ad campaign without permission, the copyright owner might sue you. This is where media liability will help.

Network Security

Network security is one of the most important components of cyber insurance coverage. If your business experiences a network security incident like a data breach, ransomware attack, or malware intrusion, you’ll undoubtedly face many expenses.

These expenses can include the cost of IT forensics, data recovery and restoration, credit monitoring, PR services, and payment of a ransom (although it’s advised to never pay a ransom—you should have a strong data disaster and recovery plan instead).

Business Interruption

Cyber insurance coverage doesn’t just protect you against hackers. It also provides protection against common cyber-related issues like technical disruptions to your business.

Do you run your business in the cloud? Do your employees rely on your company network to do their job? Does your company rely on third-party services like Amazon Web Services, Azure, Box, or another cloud service provider for daily operations? If any of your third-party services fail because of a security breach or even just a system failure due to human error, business interruption coverage will protect you. You can recover the cost of expenses like lost profits and moving to another provider temporarily.

Does General Liability Business Insurance Cover Cyberattacks?

You might be wondering if your regular business liability insurance will cover cyberattacks, and the answer is not usually. Unless your general liability policy comes with a specific cyber-incident clause, it’s safe to assume you’re not covered.

It’s Time to Get Protected

If you don’t have cyber insurance coverage, it’s time to get protected. Think about your cyber insurance requirements to determine what your business needs. Talk to your current business insurance provider to find out if they have a plan, or get cybersecurity insurance from an independent provider.