Cyber insurance helps protect businesses from the financial impact of cyber incidents. It covers costs that other business insurance typically doesn’t – from breach response to business interruption.
Cyber insurance is designed to cover losses from cyber incidents – ransomware, data breaches, business email compromise, and more.
It typically covers two types of loss:
First-party losses: Your direct costs – business interruption, data recovery, forensic investigation, crisis management.
Third-party claims: Claims made against you by customers, partners, or regulators following a breach.
Breach Response Services Access to legal counsel, IT forensics, PR support, and crisis management. Available 24/7 when you need it most.
Business Interruption Coverage for lost income when cyber incidents halt your operations. Includes both security breaches and system failures.
Data & Network Liability Defence costs and damages for claims arising from data breaches or network security failures.
Cyber Extortion Support for ransomware incidents, including negotiation expertise and associated costs.
Regulatory Defence & Penalties Coverage for regulatory investigations, defence costs, and insurable penalties.
E-Crime Protection against social engineering fraud, funds transfer fraud, and telephone fraud.
Data Recovery Costs to restore or recreate data damaged or lost in a cyber incident.
For Datasurance policyholders: Contact Beazley’s 24/7 claims hotline on 020 3514 2434 or email BBRUK@beazley.com
Cyber insurance is a form of cover designed to protect your business from threats in the digital age, such as data breaches or malicious cyber hacks.
Response services – Access to services from renowned experts after an incident, for example: Legal advice, IT investigation, public relations and crisis management assistance, Notification & monitoring clients impacted by the incident.
Policyholder’s liability – Loss of income caused by: Cyber security breach, data recovery costs, cyber extortion – payments associated with ‘ransomware attack’, unintentional and unplanned interruption of computer system.
Policyholder’s liability to others – Damages, penalties and claims expenses resulting from cyber incidents, including Data breach liability, Regulatory penalty payments, Payment card liabilities and costs, Media liability.
E-Crime – These can be commonly referred to as ‘social engineering’: fraudulent instruction, funds transfer fraud, loss of funds due to the tricking of a policyholder or financial institution by a criminal pretending to be a stakeholder to transfer funds to the criminal’s account.
Breach Response – GBP 100,000 Legal, Forensic & Public Relations/Crisis Management each loss.
Number of records – 50,000 Number of notified individuals each loss.
The Breach Response Limits above are in addition to the single Loss Limit of Liability.
Policy Limit of Liability – GBP 250,000 Single Loss Limit of Liability.
Additional Breach Response Limit – GBP 250,000 Additional Breach Response Limit.
First Party Loss
Business Interruption Loss –
GBP 250,000 resulting from a Security Breach each loss during the policy period.
GBP 250,000 resulting from a System Failure each loss during the policy period.
Dependant Business Interruption Loss – GBP 100,000 resulting from a Dependant Security Breach each loss during the policy period.
The limit of liability for Dependant Business Interruption Loss is part of and not in addition to the Business Interruption loss limit listed above.
Cyber Extortion Loss – GBP 250,000 each loss during the policy period.
Data Recovery costs – GBP 250,000 each loss during the policy period.
Liability
Data & Network Liability – GBP 250,000 each loss during the policy period.
Regulatory Defence & Penalties – GBP 250,000 each loss during the policy period.
PCI Fines, Costs & Expenses – GBP 250,000 each loss during the policy period.
Media Liability – GBP 250,000 each loss during the policy period.
E-Crime
Fraudulent Instruction – GBP 50,000 each loss during the policy period.
Funds Transfer Fraud – GBP 50,000 each loss during the policy period.
Telephone Fraud – GBP 50,000 each loss during the policy period.
Criminal Reward
Criminal Rewards Funds – GBP 50,000 each loss during the policy period.
Breach Response
Nil – Forensic & Public Relations/Crisis Management
But
Nil – for legal costs
50 – Notified Individuals Threshold
First Party Loss
Business Interruption Loss
GBP 1,000 resulting from a security breach & system failure each incident
GBP 1,000 Dependent Business Interruption Loss resulting from a dependent security breach and dependent system failure
GBP 1,000 each incident
Waiting period – 8 hours
Extortion Loss – GBP 1,000 each incident
Data Recovery – GBP 1,000 each incident
Liability
Data & Network Liability – GBP 1,000 each claim
Regulatory Defence and Penalties – GBP 1,000 each claim
Payment Card Liabilities & Cost Retention – GBP 1,000 each claim
Media Liability – GBP 1,000 each claim
E-Crime
Fraudulent Instruction – GBP 1,000 each incident
Fund Transfer Fraud – GBP 1,000 each incident
Telephone Fraud – GBP 1,000 each incident
Please note, above retention limits for First Party Loss, Liability & E-Crime increase to £5,000 each claim/incident for companies with turnover over £10 million
For full details, please check the document – Cyber Insurance Policy coverage details document and policy wordingsMulti Factor Authentication uses a second piece of information to authenticate access, such as a text to your mobile phone, so more than just a password.
Passwords alone no longer provide enough security, especially for services accessible from the Internet (e.g., Microsoft 365, Google Workspace, etc).
Phishing attacks – Cybercriminals use deceptive emails and websites to trick employees into clicking on malicious links, and divulging sensitive information such as login credentials, financial details or personal data.
Ransomware – In these attacks malware encrypts a company’s data and attackers demand a ransom for the decryption key which would allow the targeted company to re-access their systems.
Insider Threats – whether malicious or accidental, pose a significant risk. Employees, contractors or business partners with access to sensitive information can inadvertently or intentionally cause data breaches.
Malware and Viruses – Malware and viruses can infiltrate business systems through various vectors, including email attachments, visiting malicious websites, and opening or downloading compromised software.
Weak passwords and authentication – weak, reused or shared passwords are a common vulnerability that cybercriminals exploit to gain unauthorised access to systems and data.
YES – Cyber Dependent Business Interruption will be triggered if the technology provider or any other critical provider has a network security event or an unplanned outage. This amount of cover is often more than you can recover under your commercial contract with the technology provider
Don’t think of a Cyber Insurance Policy covering losses associated with technology only. Personal data can be electronic or paper.
Personal data is widely defined, for example: social media posts, photographs, lifestyle preferences, transaction histories, or IP addresses.
Almost everyone is a realistic target for ransomware. If you inadvertently install ransomware, it may limit access to your system and display a pop-up message threatening the user to pay the ransom to access their information.
Everyday payment processing activities are a realistic target for fraudulent transfer requests. An apparent authentic request for payment online could infact be a criminal. Targets include every type of business, including : lawyers, accountants, construction, schools, charities, councils, manufacturers, and estate agents.
Some cyber exposures do not involve personal data.
In case of a claim, please contact your insurer, Beazley Insurance DAC.
Email – BBRUK@beazley.com
Phone – +44 (0)20 3514 2434 (24 hours)
We do not recommend you cancel any existing cover, without seeking advice from an insurance professional. If you already have Cyber Liability Insurance, please refer to the insurance broker who provided this cover for their professional advice on whether you should continue with the policy they arranged. There might be additional cancellation terms and conditions, please check with your insurer.
If you have any questions that are not listed here, please reach out to us below.