What kind of cyber insurance and how much do you need

The material presented on this website is for informational purposes only. It is not intended as legal advice or any other type of professional advice. It was gleaned from YouTube and various seminars. The information is intended to help you formulate questions and as a starting place for your research. Talk to your insurance agent for advice. Don't get it from the internet.


How to get a discount on your cyber insurance

Talk with your MSP. For Cloud Cover clients, our insurance provider offers favorable rates to clients that participate in Cloud Cover's security programs.

First party vs third party cyber insurance

There are two main types of cyber insurance available to businesses: first-party cyber insurance and third-party cyber insurance. First-party cyber insurance is designed to protect the business itself against losses caused by a data breach or other cybersecurity incident. This type of insurance covers the business's own costs related to the incident, such as forensic investigation costs, business interruption losses, and related reputational damage. Third-party cyber insurance focuses on protecting the business from legal liabilities associated with a cybersecurity incident. This type of coverage provides protection for claims made against the company by customers, vendors, or other third parties alleging financial loss due to an incident, and also covers the legal costs of defending those claims.

Comparing first-party and third-party cyber insurance policies, one key difference is how they respond to different types of incidents. If an organization experiences a data breach because its internal systems were compromised by attackers, first-party cyber insurance can help cover the expenses incurred to investigate and mitigate the incident. On the other hand, if a customer makes a claim against the organization alleging that their personal data was compromised due to the organization's negligence (e.g., failing to properly secure customer information), a third-party policy is what covers any claim settlements or legal defense costs arising from that event.

What kinds of things does cyber insurance cover?

Which events are covered varies widely from carrier to carrier. You should discuss the likelihood of each of these events with your IT professional. Here is an outline to use as a cyber insurance coverage checklist.

  • Client Data Loss - Believe it or not, many carriers have an absolute exclusion in their policy form for the replacement, reproduction & restoration of client data lost or damaged during a security breach or other error or omission.
  • Cyber Extortion - This coverage is needed for situations where you must make a payment to eliminate credible threats to breach security in order to corrupt, damage, or destroy your computer system.
  • Rogue Employee - Disgruntled current or former employees can do serious damage that is costly and time-consuming to undo.
  • Tech & Professional Services Wrongful Act - means any negligent act, error, omission, misstatement, misleading statement, misrepresentation or unintentional breach of a contractual obligation in rendering or failing to render Professional Services or Tech Services.
  • Breach Response - Costs incurred because of an actual or reasonably suspected Data Breach or Security Breach.
  • Business Interruption Loss - Income Loss, Forensic Expenses and Extra Expense sustained during the Period of Restoration as a result of the actual interruption of business operations caused by a Security Breach.
  • Dependent Business Interruption Loss - Income Loss and Extra Expense actually sustained during the Period of Restoration as a result of an actual interruption of the business operations caused by a Dependent Security Breach.
  • Data Recovery Costs - reasonable and necessary costs incurred to regain access to, replace, or restore Data.
  • Fraudulent Instruction - the transfer, payment or delivery of Money or Securities as a result of fraudulent written, electronic, telegraphic, cable, teletype or telephone instructions provided by a third party, that is intended to mislead through the misrepresentation of a material fact which is relied upon in good faith.
  • Funds Transfer Fraud - the loss of Money or Securities contained in a Transfer Account at a Financial Institution resulting from fraudulent written, electronic, telegraphic, cable, teletype or telephone instructions by a third party issued to a Financial Institution directing such institution to transfer, pay or deliver Money or Securities from any account maintained by the Insured Organization at such institution, without the Insured Organization's knowledge or consent.
  • Telephone Fraud - the act of a third party gaining access to and using the Insured Organization’s telephone system in an unauthorized manner.
  • Computer Hardware Replacement Cost - includes reasonable and necessary expenses incurred to replace computers or any associated devices or equipment operated by, and either owned by or leased to, the Insured Organization that are unable to function as intended due to corruption or destruction of software or firmware directly resulting from a Security Breach.
  • Voluntary Shutdown - Crippling global cyber events and attacks cause widespread disruptions. As IT companies respond to the malware, sometimes the best course of action to mitigate potential harm is to shut down their systems. Although this action stops the spread of malware, it also opens the door to extra expense and lost income resulting from a voluntary shutdown.
  • CryptoJacking - the Unauthorized Access or Use of Computer Systems to mine for Digital Currency that directly results in additional costs incurred for electricity or internet.
  • Contingent Bodily Injury - Claims wherein the Damages sought by the claimant are for Bodily Injury which arise solely out of a Security Breach affecting Computer Systems.
  • GDPR Cyber Liability - This coverage is for claims expenses and penalties if a foreign governmental agency or international regulatory body brings an enforcement action against you for a violation of a law protecting the confidentiality and security of Personally Identifiable Information.
  • Invoice Manipulation - the release or distribution of any fraudulent invoice or fraudulent payment instruction to a third party as a direct result of a Security Breach or a Data Breach.

How much cyber insurance coverage do you need?

This is a personal decision for each business owner to make. Start with these questions when preparing to talk to your insurance agent.

  • What does it cost your business to be down for a day?
  • How long would it take you to rebuild your IT systems from scratch?
  • What would the harm be to your reputation if you lost client information?
  • Are you spending enough on good quality security now? Security spend should be about 25-50% of your overall IT budget.
  • Do you train your employees?
  • Do you regularly review phishing test results?
  • Have you talked with your peers? A business owner once told us he was the only one in his peer group that hadn't suffered through a ransomware attack.
