Home/Glossary/Cyber Insurance

Cyber Insurance

Insurance coverage that protects organizations against financial losses from cyberattacks and data breaches.

Risk & ResilienceAlso called: "cyber liability insurance", "breach insurance"

Cyber insurance transfers some breach financial risk to insurers.

Coverage types

  • First-party: Direct losses to your organization.

    • Business interruption.
    • Data recovery costs.
    • Ransom payments.
    • Notification expenses.
    • Public relations costs.

  • Third-party: Liability for others' losses.

    • Legal defense costs.
    • Regulatory fines and penalties.
    • Customer notification.
    • Credit monitoring services.

Requirements

  • Security controls assessment.
  • MFA on privileged accounts.
  • Endpoint protection (EDR).
  • Backup and disaster recovery.
  • Incident response plan.
  • Security awareness training.

Exclusions

  • Prior known vulnerabilities.
  • Failure to patch critical systems.
  • Acts of war or nation-states.
  • Intentional acts by insured.

Underwriting process

  • Security questionnaire.
  • Technical assessment.
  • Claims history review.
  • Industry and revenue evaluation.

Related Tools

Related Articles

View all articles
SMB Compliance Challenges | Cybersecurity

SMB Compliance Challenges | Cybersecurity

Compliance is entirely achievable for SMBs when they choose the right approach. Discover practical solutions that balance cost, effectiveness, and sustainability for your specific regulatory requireme...

Read article →
Data Breach Response & Notification Workflow | GDPR & HIPAA

Data Breach Response & Notification Workflow | GDPR & HIPAA

Master the complete data breach response workflow from detection to recovery. This comprehensive guide covers GDPR 72-hour notification, HIPAA breach reporting, forensic investigation, regulatory compliance, and customer notification strategies with practical tools and legal frameworks.

Read article →
Incident Response Services for Small & Medium Businesses

Incident Response Services for Small & Medium Businesses

We help growing businesses prepare for cyber incidents, respond 10x faster when attacks happen, and meet compliance requirements—all without the overhead of hiring in-house.

Read article →
Cloud Security Assessment Results

Cloud Security Assessment Results

Discover the hidden vulnerabilities that cause 95% of cloud security breaches—and how we find them

Read article →

Explore More Risk & Resilience

View all terms

Business Impact Analysis (BIA)

An assessment that identifies critical business processes and quantifies the impact of their disruption.

Read more →

Data Breach Cost

The total financial impact of a security incident, including detection, response, notification, and long-term damages.

Read more →

Incident Response Plan (IRP)

A documented, tested approach for detecting, containing, and recovering from cybersecurity incidents.

Read more →

MITRE ATT&CK Framework

A globally accessible knowledge base of adversary tactics, techniques, and procedures mapped to the attack lifecycle.

Read more →

Ransomware

Malware that encrypts systems or exfiltrates data, demanding payment to restore access or prevent disclosure.

Read more →

Recovery Point Objective (RPO)

The maximum acceptable amount of data loss measured in time, defining how far back systems must be restored after an incident.

Read more →
Back to glossary