What Should be Covered by Cyber Insurance?

By 24 February 2017Blog


It is no question that Cyber Insurance has been growing in popularity since its introduction to the corporate world in the late 1990’s. For those who are new to this concept, Cyber Insurance is a policy that covers cost, expenses and losses that may arise from a cyber-attack. Having Cyber Insurance will not stop an attack however it will help businesses respond and manage costs of an attack should it happen.


Cyber insurance can be split into three distinct areas of cover: Event Management, Financial Loss and Liability.

Event Management involves the internal and external expenses of managing the response to a cyber event. Cyber insurers vary in the extent of cover provided in Event Management, but in general they recognize that providing access to third party cyber security experts can mitigate the consequences of a catastrophic event.

This is sometimes spearheaded by a cyber response coach, an industry expert responsible for advising a business on how to handle and manage a cyber event. Typically, this will start with an investigation by third parties to establish the extent of the issue. If card data is compromised, then insurers can indemnify the costs arising from a specialist PCI Forensic Investigator (PFI) investigation. Consultation on how to manage legal and regulatory issues will also be covered as well as a crisis communication strategy. Establishing a Call Centre to field queries and providing credit monitoring are the last elements of cover.

Financial Loss considers the increased operational costs and reduction in profits because of the attack. This is known as non-physical damage business interruption, and is typically excluded from property insurance. Should any fines and penalties be issued by regulators (Information Commissioner’s Office) and industry associations (for the loss of sensitive card payment data), then cyber insurers will cover this with the proviso that these are insurable by law. Costs in managing a cyber-extortion situation — and the ransom itself — can also be covered.

Liability tends to impact some months later. Affected individuals or businesses may bring claims or written demands for failing to protect their information. They may seek compensation for financial losses from hacking, or damages from identity theft. In cases where customers are claiming from multiple jurisdictions, cyber insurers can contribute towards defense costs and any resulting damages from multi-jurisdictional claims.


Source – Financial Lines Department, Elmore Insurance Brokers Limited


Choosing the correct policy for your business needs careful consideration. Working with a broker to help guide what events need to be covered is an essential part of the onboarding process.

en_GBEnglish (UK)