Does My Business Insurance Cover Cyber Risks?

Caeva O'Callaghan | December 6th, 2023

A comprehensive business insurance policy will cover you for nearly all risks associated with trading and dealing with members of the public. But will it cover cyber attacks?

No. Your standard business insurance policy cannot cover you for cyber risks. If you only have business insurance, you will be liable for one hundred percent of the costs of a data breach.

If your business stores data or operates online in any capacity, you need a cyber insurance policy in place. This is to protect your customers, your employees, and your company from malicious hackers.

In this article, we’ll answer questions such as:

When you take out cyber insurance, you protect your business and everyone involved in it against the risks posed by confidential information leaking onto the internet.

Business insurance will not cover cyber risks

When you set up your business, you should have organised cover for standard business risks. Depending on your industry, such a policy may include losses suffered in the course of your normal activities, particularly when the business faces a compensation claim. Your business may also have professional indemnity insurance, public liability insurance, and employers’ liability insurance.

All of these are essential to have for any normally trading company. However, cyber insurance is now also essential, and covers you for a very different set of risks.

Cyber insurance will cover you for losses your company suffers as a result of a cyber attack. These attacks can come in the form of malware, ransomware, viruses, and any unauthorised access or leak of data. It will also cover you for information gleaned via false pretences, e.g. if someone fakes an email from a higher level asking for access to information, or if a USB or laptop is stolen.

Your company’s electronic records may hold names, addresses, confidential medical or employment histories, and other sensitive information about your staff or customers. Even worse, if you take payments online, credit card numbers and bank information may be accessible to hackers.

This is why having cyber insurance is vital, as it helps cover the cost of hiring experts and recovering such data, as well as handling regulatory fines and compensation.

Talk to your insurance provider

Many people don’t know the difference between standard business insurance and cyber insurance, or assume that protection against cyber attacks is included. This is false, and a potentially very damaging assumption to make.

Not only does your normal business insurance policy not cover cyber risks as standard, many insurance companies are now updating their policies to specifically exclude cyber risks and cyber liability.

This is most likely because business owners attempt to claim on their business insurance when they suffer a cyber hack, without realising they do not have cover. As cyber attacks and phishing are becoming more common, even to smaller and medium-sized businesses, the insurance industry is having to update its terms accordingly.

This means it’s only going to get more important that you protect your business with a cyber liability policy, as soon as you possibly can.

As of 2021, insurance provider Zurich has announced it will be specifically excluding cyber claims from all of its commercial and liability policies.

How to get a cyber insurance policy

In order to set you up with the perfect cyber insurance policy, we need to know some things about your business and how you trade. You should tell us how large your company is, how you handle data, and how you ensure the security of that data, even if it is held by a third party.

The fact is, you should always be taking precautions to keep important and sensitive data away from prying eyes, and putting these measures in place sooner rather than later will help keep your premium manageable.

Always update software to the latest versions, and install the very best antivirus software you can find. If you give employees laptops or digital devices for the purposes of working remotely, give them sufficient training including what to do when they receive a suspicious email, and to never use devices on public wifi networks.

When you keep your data safe, you help prevent a claim down the line, and reduce the chance of falling foul of GDPR regulations – which could still end up costing your business a lot of money. Talk to our cyber insurance experts today and find out how best to protect your interests.





All Information in this post is accurate as of the date of publishing.