New to cyber: What does cyber insurance cover?

Understand the different forms of cyber insurance, which is right for your business, and common inclusions and exclusions you need to be aware of.

Cyber Article 8 min 8 Feb, 2024

The shift to computer systems and digital platforms has revolutionized business, bringing the world into a new era of work. But this same reliance on everything digital is leaving businesses exposed to cyber threats—something that cyber insurance is vital in mitigating.

Just as today’s cyber threats vary in size and shape, cyber insurance comes in different forms. This New to cyber article reveals the two broad types of cyber insurance cover and gives guidance on which type is best for your business, before outlining common inclusions and exclusions you need to look out for.

Types of cyber insurance cover

Cover under a cyber insurance policy can fall into two broad categories.

First-party cyber cover

This covers financial losses incurred by the insured as a result of a cyber event, often one that impacts their own network. First-party cyber losses typically include:

  • Incident response: real-time support and advice in relation to the cyber event, legal advice in relation to any legal obligations the business may have, the cost of carrying out forensic investigations to remove malware and determine the root cause of the incident and what has been accessed, the cost of notifying affected individuals that data has been breached, and so on.
  • System damage and business interruption: restoring computer systems and data to the position they were in prior to the cyber event, plus any income loss as a result of system downtime.
  • Cybercrime: loss of electronic funds, either through the hacker stealing directly from the business’s online bank account or through employees being tricked into sending funds to fraudulent accounts, as well as advice on whether it’s safe to pay a ransom demand as part of a cyber extortion event.

Who needs it? Any business that relies on computer systems to carry out business operations, store business-critical or sensitive data, or transfer money.

Third-party cyber cover

This covers liability actions brought against the insured due to a network security or privacy event, such as the failure to prevent the theft of personal data. Third-party cyber insurance covers:

  • Damages: damages the insured business is legally obliged to pay to third parties.
  • Costs and expenses: legal fees incurred to defend against the liability action (often extending to claimants' costs and expenses if the insured is obliged to pay them).
  • Regulatory fines and penalties: fines and penalties levied by regulators and other bodies.

Who needs it? Any business that works with sensitive client data or is responsible for protecting a client’s systems, often including technology companies, financial institutions, healthcare providers and retailers.

Common inclusions

Data damage

IBM reports the global average cost of a data breach to be $4.45 million when you factor in the entire cost of the incident, from regulatory fines and reputational harm to business interruption in the short and long term.

Good cyber policies safeguard against this loss. CFC covers regulatory costs and fines levied directly as a result of a cyber incident, and provides access to expert PR support if reputations are at risk. Our cyber wording is carefully crafted to include the recreation of data, rather than just the recovery of lost data. That means if data isn’t recoverable—for example, when a hacker has deleted back-ups—we’ll cover the cost of recreating that data from scratch.

Business interruption

The primary goal of any cyber attack is to disrupt. Whether on your own systems or a third party’s, an attack that causes system failure and downtime can have a catastrophic effect on your ability to trade, resulting in a business interruption loss. 
CFC’s cyber cover is designed to reimburse any business interruption for up to 12 months, to provide protection across the entire lifecycle of a cyber incident.

Cyber extortion

Cyber extortion usually starts with a human error or oversight—think clicking on a malicious link or losing a laptop—and ends with a ransom. It can be difficult to identify how the incident developed and if you should pay the ransom.

Having a team of expert incident responders on hand will help you find answers. Our team takes a follow-the-sun approach, working around the clock to get to the root cause of incidents and discover whether the ransom needs to be paid.

What most cyber insurers don’t cover

Minimum level of security

Insurers often require the business to have had a warranty or minimum level of cyber security in place at the time of a cyber attack in order to trigger the policy. As a result, many businesses that have taken out cyber insurance face having their claim declined.

But at CFC we still cover the vast majority of cyber claims, giving our policyholders valuable peace of mind that we’re here to help if the worst happens.

Property damage

Just as property policies were designed to cover brick and mortar, and go as far as to specifically exclude cyber events, many cyber policies don’t cover physical assets.

CFC is a little different, however. If a cyber incident renders hardware unusable, we’ll cover the replacement costs where it is more efficient and cost effective than installing new firmware or software onto a device.

Market-leading cyber cover

With over two decades’ experience in cyber, CFC is one of the most established providers in the market. We’re not just here if the worst happens: our proactive service is designed to get businesses ahead of cyber risk, and our broad coverage enables our policyholders to navigate the ever-changing seas of cyber risk safely and confidently.

Any questions?

Learn all about the fundamentals of cyber cover in our upcoming webinar, Broker Essentials: Cyber. Reach out to us with any questions at cybermarketing@cfc.com.