What Does Cyber Risk Insurance Cover?

Indemnification also extends to errors and omissions that may have caused the attack, such as failure to protect a network. The deductible is a fixed amount you must pay before your coverage goes into effect and begins to pay. In 2014, 90% of cyber insurance premium volume covered risks in WISP the United States. Although at least 50 insurance companies offer cyber insurance products, actual underwriting is concentrated among a group of five insurers. Many insurance companies are reluctant to enter this insurance market because of the lack of solid actuarial data for cyber risks.

Cyber insurance, also known as cybersecurity insurance, is a type of commercial liability insurance that protects your business from cybersecurity risks and data breaches. Cyber insurance can help restore employee and customer identities, recover compromised data, and repair damaged computers and networks, whether your business has been the victim of a data breach, social engineering, ransomware, or phishing attack. For larger companies or small businesses with a lot of sensitive data, our CyberChoice First Response cyber liability insurance offers even more protection than our data breach coverage alone.

It covers liability if a customer accuses you of failing to prevent a data breach or cyberattack on your business. Cyber insurance is a policy with an insurer that mitigates financial risk for businesses by offsetting the cost of damages and recovery after a data breach, ransomware attack or other cyber security incident. It can protect you from the costs of investigations, forensic analysis, compliance fines, lawsuits and even extortion payments. These policies typically include primary insurance against losses related to cyberattacks such as hacking, malware, theft and extortion, as well as indemnification for claims made by customers in connection with these attacks.

Cyber insurance is a specialized insurance product designed to protect companies from risks arising from the Internet and, more generally, from risks associated with IT infrastructures and activities. Risks of this type are often excluded from conventional commercial liability policies, or at least not explicitly defined in conventional insurance products. If not the first, at least one of the first cyber liability policies, as we call them today, were developed for the market by Lloyd’s of London in 2000. The policy was initiated by Keith Daniels and Rob Hamesfahr, then attorneys at Blatt, Hammesfahr & Eaton in Chicago, Illinois. At the time, the assumption was that a major risk was that a company would negligently transmit a virus that could infect the systems of other companies, which would then sue the original company, causing business interruption.

While most cyber insurance claims relate to simple criminal conduct, companies are increasingly becoming victims of cyber warfare attacks by nation-states or terrorist organizations, whether targeted attacks or simple collateral damage. Governments designated the NotPetya attack as a Russian military cyberattack, insurers argue that they do not cover such events. Data breach insurance helps your business respond to data breaches and can provide small business owners with sufficient protection.