Cyber insurance

Protects your business from financial losses resulting from data breaches and other cybercrimes that may compromise sensitive company and customer information.
Why it's essential
  • Covers financial losses as a result of cybercrime, including data breaches, cyber extortion, computer fraud, and more
  • Covers legal claims made by others alleging your security or privacy breach caused them financial harm
  • Protects against business interruption losses if you have to shut down following a cyber event
Who needs this coverage
  • Professionals who access private client information, such as medical, legal or financial records
  • Businesses that store customer data, such as names, addresses, and credit card numbers
  • Companies that develop innovative technology or possess restricted proprietary information

What is Cyber insurance?

Cyber insurance (sometimes called “cyber risk insurance” or “cyber liability insurance”) helps businesses recover from financial losses following cyberattacks and data breaches. Think of it as a safety net for the digital age.

Increasingly important for businesses operating today, this coverage will respond in the event of a network security failure such as data breaches, malware or ransomware attacks, and business account or email compromises.

The policy will also respond to cyber liability claims and certain expenses related to an attack or breach, such as computer system restoration. In many cases, the policy can also provide access to a panel of top-tier breach coaches and other service providers.

Person on a computer
What's covered
  • Costs related to data loss and data recovery/restoration

  • Business interruption and loss of income due to a breach

  • Computer fraud, including social engineering techniques (phishing emails, impersonation, etc.)

  • Cyber extortion

  • Costs for computer forensics, credit monitoring, and more

What's not included
  • Property damage or improvements to cybersecurity systems

  • Employment-related issues

  • Professional mistakes

  • Theft of intellectual property

Embroker makes it simple

Skip the hassle — get Cyber coverage the easy way and protect your business with tailored coverage.

Quick quotes

Get a quote and buy your policy right away through our digital platform. Get covered in a minutes, not days.

Tailored policies

Package Cyber coverage with other essential coverages, such as Commercial Crime and Workers Compensation.

Expert guidance

Benefit from our team's in-depth knowledge of common industry risks and insurance needs.

Frequently Asked Questions (FAQ)

  • Embroker has published a bunch of great resources to help you on your insurance buying journey. Check out the Embroker Resource Hub for articles on coverage, guidance on insurance costs, and what you’ll need to get a quote.

    You can also connect with a broker at any time to get help identifying your coverage gaps.

  • Cyber insurance policies will not cover claims of harassment, wrongful termination, or other employment-related issues. For these types of claims, you should invest in Employment Practices Liability Insurance.

    Cyber liability insurance protects businesses from virtual harm and does not protect against physical property damage. If you need to insure a physical business property, you should look into a Commercial Property insurance policy.

    Cyber liability insurance shields your company from financial loss in the case of unsolicited cyber attacks. But, a standard cyber liability policy will not cover you if someone within your company makes a mistake that results in a data breach or cyber attack. This is where Technology Errors and Omissions insurance comes into play. Tech E&O policies fill this coverage gap, which ensures your business is protected from any and all cyber attacks.

  • We strongly encourage all our clients to consider the value of cyber insurance, especially if they handle or use digital information.

    One of the first topics we cover with many new cyber insurance buyers is the business’s regulatory or contractual responsibility with regards to customers’ personal information. If your business stores customers data such as names, addresses, credit card information, Social Security numbers, and more, on any type of computer system on or offline, then there is a regulatory obligation to keep that data secure, and therefore, a higher price tag in the event of a breach.

    Many are surprised to learn the real costs associated with a breach. According to a Ponemon report from 2017, cyberattacks cost small and medium-sized businesses an average of $2.235 million. On top of that, the study showed that 60 percent of the businesses that were polled said that attacks are becoming more severe and more sophisticated each year.

    Cyber coverage is essential for businesses of all sizes and across various industries. Here are some examples of businesses that may benefit from cyber insurance, including startups and small businesses:

    • Startups and tech companies: These companies often handle sensitive customer data, develop innovative technologies, and rely heavily on digital systems. They are particularly vulnerable to cyber threats due to their digital infrastructure and may face significant financial and reputational risks if a cyber incident occurs. Cyber coverage can help mitigate these risks.
    • Financial institutions: Banks, credit unions, insurance companies, and other financial institutions handle large volumes of sensitive customer data and financial transactions. They face risks such as unauthorized fund transfers, identity theft, and ransomware attacks. Cyber insurance can help mitigate financial losses and assist in regulatory compliance.
    • Professional services firms: Law firms, accounting firms, consulting companies, and other professional services firms often deal with confidential client information. They may be targets for cyber attacks aimed at stealing client data or intellectual property. Cyber insurance can provide coverage for legal expenses resulting from data breaches, privacy violations, or client claims.
    • Small and medium-sized enterprises (SMEs): Small businesses may mistakenly believe that they are less likely to be targeted by cyber attacks. However, SMEs are increasingly becoming targets because they often have fewer cybersecurity resources and are seen as entry points to larger networks. Cyber coverage can help small businesses recover from the financial impact of cyber incidents.
    • Healthcare providers: The healthcare industry is a prime target for cyber attacks due to the abundance of valuable patient health records and sensitive personal information. Healthcare providers, including hospitals, clinics, and private practices, should consider cyber insurance to protect against the costs associated with data breaches, regulatory penalties, and potential lawsuits.
    • Law firms: Cyber insurance enables law firms to successfully negotiate the complicated aftermath of a cyber attack and reduce the damage on their operations and reputation by reducing financial risks and offering professional guidance. It can pay for the costs of prospective lawsuits, credit monitoring services, legal fees, data breach response, forensic investigations, notification to affected parties, and legal costs. Additionally, ransomware payments, regulatory fines, and business interruption losses may all be covered by cyber insurance. Visit our Lawyers Professional Liability page to learn more.

    It’s important for businesses to evaluate their specific risks and consult with an insurance professional to determine the appropriate level of cyber coverage needed. 

    Factors such as the nature of the business, volume of sensitive data, reliance on technology, and industry regulations should be taken into consideration when assessing the necessity and extent of cyber insurance coverage.

    Does it sound like your business needs better coverage? Tell us more about your business to get your cyber insurance quote in under 10 minutes.

    Additionally, if your business’s revenue stream has any contact with European consumers or businesses, then the recently implemented General Data Protection Regulation (GDPR) likely applies to you. Many US-based businesses have already taken measures to be GDPR compliant but that doesn’t mean your insurance has followed suit.

  • Unsurprisingly, cyber insurance emerged onto the insurance scene recently as a result of the fact that other traditional business insurance policies were simply not created to cover the types of risks most commonly associated with cyber insurance.

    Therefore, many insurance experts will argue that cyber insurance policies are still in their infancy and a lot of work needs to be done when it comes to standardizing coverage and making sure that insurance carriers are able to support the needs of modern businesses. Not only that, education is important in order for businesses to understand the threat of cyber attacks and the seriousness of these types of threats (related: read our guide on cyber threat modeling).

    A very recent report from insurers Hiscox claims that seven out of 10 firms do not have a quality cyber security strategy in place.

    There is, however, no doubt that the cyber insurance space will continue to grow rapidly and offers will certainly be expanded and customized. Also, as is the case with most other types of insurance offers, cyber insurance policies are evolving towards more industry-specific solutions and becoming less general.

  • First-party coverage typically includes coverage for:

    • Data breaches
    • Business interruption attackers, including distributed denial-of-service (DDoS) assaults, ransomware, or other malware
    • Data recovery and system restoration
    • Cyber extortion
    • Digital asset loss

    Third-party coverage addresses risks related to legal claims made by third parties. It includes coverage for:

    • Privacy and security risk
    • Network security vulnerabilities that can be used by bad actors to their advantage
    • Media liabilities
  • It’s best to shop for this type of insurance by coverage as opposed to cost. 

    Your company’s sophistication and ability to avoid an incident and coverage limit are the two biggest factors in determining premium costs, as well as revenue and number of unique PII or PHI records stored or maintained on the insured’s systems. You can read more in our full guides on cyber insurance costs and how much cyber insurance you need.

    The good news for those seeking cyber coverage is that the insurance market is a buyers’ market in 2019. There are several dozens of insurers that are competing for your business.

Cyber illustrated

Explore real-world scenarios of how this coverage has supported businesses

  • Facebook faces class action over security breach that affected 50 million users

    A lawsuit filed against Facebook alleged that the company was guilty of unlawful business practices, deceit by concealment, negligence, and violations of California's Customer Records Act as a result of a massive hack that exploited a security flaw to steal account credentials of as many as 50 million users.

  • Neiman Marcus agrees to pay $1.6M to settle 2013 data breach class action lawsuit

    Three years after Neiman Marcus disclosed that it had become the victim of a hack attack in 2013, exposing the credit card information of more than 350,000 customers, the retailer reached a $1.6 million settlement in the subsequent class action lawsuit.

  • Yahoo facing lawsuits in the wake of massive data breach

    Yahoo faced lawsuits from people who feared their accounts had been hacked and claimed the company was "grossly negligent," putting their financial and personal data at risk. The lawsuit also alleged that Yahoo did not adequately disclose the breach that exposed the private information of at least 500 million users.

  • GOP data firm that exposed millions of Americans' personal information is facing its first class-action lawsuit

    A GOP data firm that exposed millions of Americans' personal information faced a class-action lawsuit for the first time, arguing that the "actual damages" exceed $5 million.

Want to learn more about our other coverages?