Cyber Insurance: Protect Your Business from Digital Threats

by Vicky Sarin

Updated June 2026 · Reviewed by the Eduyush editorial team

Quick answer

Cyber insurance covers the financial fallout of a cyber incident — data breaches, ransomware, business interruption, and the liability you owe to affected third parties. It combines first-party coverage (your own losses) and third-party coverage (claims made against you), because standard business policies usually exclude digital risks. It is one of the core lines a modern business needs.

What is cyber insurance?

Cyber insurance is a policy that protects a business against financial losses from cyber incidents — including data breaches, ransomware, network damage, and the resulting legal liability — covering both the company's own costs and claims brought by others.

The average cost of a data breach reached $4.88 million globally in 2024 (IBM, Cost of a Data Breach Report 2024), and because traditional policies rarely cover digital threats, cyber cover has become a core part of business risk management.

What does cyber insurance cover?

Coverage splits into two halves — your own losses and your liability to others:

| First-party (your own losses) | Third-party (claims against you) |
| --- | --- |
| Forensic investigation of the breach | Payments to affected customers |
| Data recovery and system restoration | Litigation and regulatory defence |
| Customer notification, call centre, credit monitoring | Settlements, damages, and judgments |
| Lost income from business interruption | Media liability (defamation, IP infringement) |
| Cyber extortion and ransomware | |
| Crisis management and PR | |
| Regulatory response costs | |
| Social engineering / BEC fraud | |

Some items — especially social engineering / business email compromise (BEC) fraud, where funds are wired on fraudulent instructions — are often a sub-limit or endorsement rather than full standard cover. Check the limit.

A comprehensive policy combines both halves, so you are covered for direct losses and any liability arising from the same incident.

What cyber insurance does not cover

| Usually not covered | Why |
| --- | --- |
| Poor maintenance of systems | Operational, preventable issue |
| Known vulnerabilities the insured ignored | Preventable risk |
| Fraud by owners or executives | Intentional act |
| Future lost profits beyond policy terms | Coverage limitation |
| Reputational damage with no measurable loss | Hard to quantify |
| Ransom paid to a sanctioned entity | Legally prohibited (e.g. OFAC sanctions) |

Cyber insurance vs general liability insurance

Business owners often assume general liability covers cyber events. It does not — the two respond to different risks:

| Cyber insurance | General liability |
| --- | --- |
| Data breaches | Physical injury claims |
| Ransomware | Property damage claims |
| Privacy liability | Third-party bodily injury |
| Network interruption | Non-cyber incidents |

Relying on general liability for a data breach is a common and costly mistake.

Common cyber risks it mitigates

  • Data breaches — covers notification, credit monitoring, and PR after sensitive data is exposed.
  • Ransomware — covers ransom payments (where legally permissible), data recovery, and downtime.
  • Business interruption — replaces income lost while systems are down. Note this is cyber business interruption, triggered by a network security failure or covered cyber event — not the physical-damage trigger that standard commercial business interruption requires.

Example: ransomware attack on a small business

A ransomware attack encrypts a small firm's systems and halts operations. A cyber policy can cover:

  • Forensic investigation to find the entry point.
  • Legal advice on notification and regulatory obligations.
  • Data restoration and system rebuild.
  • Customer notification.
  • Business interruption income during the downtime.

Any ransom payment is covered only where legally permissible — and never to a sanctioned threat actor, which can itself be unlawful.

Do small businesses need cyber insurance?

Yes — often more than large companies, because they have fewer defences:

  • Small businesses are frequent, deliberate targets.
  • Ransomware affects companies of all sizes.
  • Holding any customer data creates liability.
  • Recovery costs routinely exceed expectations.

Who needs cyber insurance?

Every business with data has some exposure, but priority rises with the sensitivity and volume of data held:

| Business type | Priority |
| --- | --- |
| Healthcare | Very high |
| Financial services | Very high |
| E-commerce | High |
| IT services | High |
| Professional firms | High |
| Retail | Medium–high |
| Manufacturers | Medium |

How much cyber insurance do you need?

It depends on your industry, size, the sensitivity of the data you hold, and your regulatory exposure (GDPR, CCPA, HIPAA). As general guidance:

| Business size | Typical coverage range |
| --- | --- |
| Small business | $250,000 – $1 million |
| Mid-sized business | $1 million – $5 million |
| Large enterprise | $10 million+ |

General market guidance only; figures vary by insurer and risk profile. Brokers' annual studies such as the Hiscox Cyber Readiness Report publish indicative SMB benchmarks.

High-risk sectors (healthcare, finance, retail) and businesses holding large volumes of personal data should size up. Estimate your worst-case breach cost and check existing policies for gaps before settling on a limit.

How to choose a cyber insurance policy

  • A "duty to defend" — the insurer defends you in a lawsuit or regulatory investigation.
  • Global coverage for incidents anywhere, not just domestically.
  • A 24/7 breach hotline for immediate response.
  • Clear treatment of ransomware and social-engineering fraud, including sub-limits.
  • Whether it is primary over your other policies.
  • The retroactive date — cyber cover is usually claims-made, so the incident must occur after that date and be reported during the policy period. When switching insurers, watch for a retroactive-date gap.
  • The ability to add additional insureds where business relationships require it.

Cyber insurance and compliance (GDPR, CCPA)

Data-protection laws such as GDPR and CCPA impose strict breach-notification and privacy rules, and non-compliance can mean heavy penalties. Cyber insurance supports compliance by funding breach response, legal defence, and crisis management. It may also cover regulatory fines — but only where those fines are legally insurable, and typically only fines arising from a data breach or unauthorised disclosure. Fines for other GDPR violations (such as transparency or consent failures) are usually not covered. Confirm the wording with your insurer rather than assuming fines are covered.

What does cyber insurance cost?

Premiums depend on business size, industry risk, your security posture, and claims history. You can lower the cost by demonstrating strong controls — multi-factor authentication (MFA), regular security audits, and staff training — and by bundling with other policies. Many insurers now require MFA as a condition of cover; see cyber insurance MFA requirements with Silverfort for how that plays out in practice.

How a cyber claim works

  1. Notify immediately — report the incident as soon as it is detected so cover engages without delay.
  2. Document — provide a timeline, what happened, and the impact on the business.
  3. Assessment — the insurer investigates the extent of the damage and estimates the cost.
  4. Payout — covered costs (recovery, legal, crisis, interruption) are paid up to your policy limit.

Common cyber insurance mistakes

  • Assuming general liability covers cyber events.
  • Buying too little coverage.
  • Ignoring ransomware and sanctions exclusions.
  • Not implementing MFA (often a condition of cover).
  • Failing to train employees against phishing and BEC.
  • Not reviewing vendor and supply-chain cyber risk.

ACORD forms for cyber insurance

The cyber-specific form is the ACORD 834 (Cyber and Privacy Coverage Section). It is submitted with an applicant section — either the ACORD 825 (Professional / Specialty Insurance Application) or the ACORD 125 (Commercial Insurance Application), which also carries a "Cyber and Privacy" line. When cyber is bundled with property or general liability, the ACORD 140 and ACORD 126 sections may also apply.

State-specific versions of the ACORD 834 exist (for example 834 MN for Minnesota and 834 MT for Montana) for those states' applications.

For the full picture, see what are ACORD insurance forms.

Frequently asked questions

What does cyber insurance cover?
First-party losses (forensics, data recovery, notification, business interruption, ransomware, crisis management, regulatory response, and social-engineering fraud) and third-party liability (customer payments, legal defence, settlements, and media liability).

Does cyber insurance cover ransomware payments?
It typically covers ransom payments where legally permissible, plus data recovery and downtime. Payments to a sanctioned threat actor are not covered and may themselves be unlawful (e.g. under OFAC sanctions).

Does cyber insurance cover social engineering or wire fraud?
Often, but usually as a sub-limit or endorsement rather than full standard cover. Check the limit for business email compromise and fraudulent funds transfer.

Do small businesses need cyber insurance?
Yes, often more than large firms. Small businesses are frequent targets, ransomware hits all sizes, holding customer data creates liability, and recovery costs usually exceed expectations.

What does cyber insurance not cover?
Common exclusions include poor system maintenance, known vulnerabilities the insured ignored, fraud by owners or executives, future lost profits beyond policy terms, unquantifiable reputational damage, and ransom paid to a sanctioned entity.

Does cyber insurance cover GDPR or CCPA fines?
Only where such fines are legally insurable, and typically only fines arising from a data breach. Fines for other GDPR violations such as transparency or consent failures are usually not covered.

What ACORD form is used for cyber insurance?
The ACORD 834, the Cyber and Privacy Coverage Section, submitted with an applicant section such as the ACORD 825 or the ACORD 125. State-specific versions of the 834 exist.

How can I lower my cyber insurance premium?
Implement multi-factor authentication, run regular security audits, train staff, keep a clean claims record, and bundle with other policies.

Build resilience, not just cover

Cyber insurance is about more than transferring risk — paired with strong security controls, it lets your business recover quickly from an incident instead of being defined by it. Match the limits to your data and industry, and confirm exactly what the policy includes — and excludes — before you rely on it.

Next steps

See how MFA requirements affect your cover, and why insurance is core to your business.
