Skip to main content

All About Cyber Insurance

By September 9, 2019December 16th, 2019Insurance
cyber insurance

What is cyber insurance? It is a sub-category of general insurance that covers businesses and individuals against internet-based liability and risks.

There are two levels of coverage:

  • First Party–covers direct losses to an organization/individual
  • Third-Party–covers claims and legal action by customers/partners

Common coverages included in cyber insurance are:

  • Data breaches
  • Identity theft
  • Personal data theft


One type of coverage is first-party coverage. This protects an organization or individual. Common features of first-party coverage are:

Loss/Damage to Electronic Data

Covers losses caused by damage, theft, disruption or corruption of data from covered perils such as hacking, viruses or denial or service attacks.

Loss of Income/Extra Expenses

Covers the income you lose, and expenses incurred by a shutdown of your business due to a covered peril.

Cyber Extortion Losses

Covers incidents where a cyber thief breaks into your system and threatens to commit a nefarious act.

For example, they may threaten damage to your data, the introduction of a virus or a shutdown of your system unless you pay them.

Notification Costs

Covers the cost of notifying the affected parties of a breach in accordance with government statutes and regulations.



In addition to first-party coverage for cyber insurance, third party coverage exists as well. Third-party cyber coverage includes the following:

Network Security Liability

Covers lawsuits against you due to a data breach, or the inability of others to access data on your system. Coverage may apply if the cause is a result of a data breach, virus, malware, denial of service attack or unauthorized access and use of your system by a hacker or rogue employee.

Network Privacy Liability

Covers lawsuits based on allegations that you failed to properly protect sensitive data stored on your system. The data may belong to clients, customers or other parties.

Electronic Media Liability

Covers lawsuits against you for acts like libel, slander, defamation, copyright infringement, invasion of privacy or domain name infringement.

Errors and Omissions Liability

Some cyber policies cover errors and omissions that arise from professional services provided by the insured. For example, a policy purchased by a software developer may include coverage for claims that arise out of coding mistakes.



Policy Limits and Sub-Limits

Be sure to look at the coverage limits of your policy. Most people don’t realize that there are sub-limits hidden in policies that make coverage restrictive for things like forensic investigation or breach notification.

Loss of Intellectual Property/Trade Secrets

Most policies right now are geared toward the risks of losing large customer databases. As a result, loss of IP at the hands of data thieves is currently not covered.

Risk Mitigation Costs

Cyber liability policies don’t cover the cost of beefing up security and improving systems to lessen the risk of future attacks.

Negligence Induced Incidents

If your business has poor security practices, and an attack could’ve been prevented, insurance will not cover this claim. Be sure that your company is in compliance with all PCI DSS security standards.

Nation-State Attacks

Enterprises at risk of being attacked by a nation-state should look carefully at their policy for this kind of exclusion.

Loss of Future Revenue

This type of policy doesn’t cover the loss of any future revenue that may be attributed to a data breach or network security issue.

Physical Damage

Any physical damage that resulted from a cyber-attack will not be covered by a cyber liability policy. However, these risks can be covered in other insurance policies.

As always, we hope that you’ve found this information useful. If you want to know more or think you may need this type of policy, contact us today!