Getting the Most from Cybersecurity Insurance

We all hope that we never have a security breach in our company. But the fact of the matter is, security breaches are becoming more common with each passing day. According to the non-profit Identity Theft Resource Center, data breaches increased 17.1 percent from 2013 to 2014, and it’s not just the big companies like Target and Ebay that are affected.

One way to protect your company is to invest in cybersecurity insurance, or cyber liability insurance. You may be asking, what exactly is cybersecurity insurance, and do I really need additional coverage? As a business, you already have invested in insurance to protect your property and assets. But cybersecurity insurance covers things that might not be included in a typical business insurance policy.

What is Cybersecurity Insurance?

There are generally two types of cybersecurity insurance:

First-Party Insurance covers digital assets, business interruptions and sometimes reputational harm.

Third-Party Insurance covers liability, the cost of forensic investigations, customer notification, credit monitoring, public relations expenses, legal defense, and compensation and regulatory fines.

In addition to these two types of insurance, a policy will cover some combination of four components:

  •         Errors and Omissions
  •         Media Liability
  •         Network Security
  •         Privacy

How do I know what I need?

Having a good cybersecurity policy in place will protect your business in the case of a security breach. As you can see from the facts laid out above, these policies will help pay for the cost of replacing assets and covering business interruption, depending on the coverage you choose. There are other costs associated with security breaches, including the expense of notifying clients or customers, and some policies are written to help cover the public relations costs associated with a security breach in addition to the physical losses.

It is important to talk with your insurance broker when finding the policy that is right for you, and understand there are some things that are not necessarily covered through these policies. For instance, you might find that while you have insurance to cover the business interruption caused by a breach, the insurance doesn’t provide coverage for loss of revenue after the breach or the loss your business suffers from reputational harm. Unfortunately, these factors are hard to measure, and therefore hard to insure.


Making sure your company is protected in the case of a security breach is important, and cybersecurity insurance is one factor of that preparedness. When talking with a broker about the coverage your company needs, it is important to go into the conversation armed with the knowledge of what costs or expenses you would like to have covered and what types of incidents you want coverage for. That’s where a Threat Sketch Risk Assessment can help. In our assessment process, we evaluate and prioritize your company’s threats, providing you with a report that outlines the potential risks and helps you allocate the amount needed for each aspect. Once you are able to see where your company’s risks lie, it is easier to understand the type and amount of insurance you will need to ensure your company is prepared for incidents and ready to act as soon as they occur.

About the author: Karen Alley is a freelance writer and editor and has worked for over 10 years writing web content and blogs for various businesses.