What is Cyber Insurance?

Who needs it, what it should cover, and how to apply.

STRUAN TODD

Vice President - Underwriting

Every single day we hear about another company who has been attacked—whether their data has been stolen, computers forced offline, ransom requested, or they’ve been defrauded of hundreds of thousands of dollars in a sophisticated phishing scam.

 

These stories are not new. In fact, they are unfortunately commonplace.

 

What is shocking about these stories is that the vast majority of victims have no means of recovering from such an event. When a fire threatens your home or property, firefighters are on call and your home and contents insurance policy typically covers the damages. 

 

But what happens when your property is digital and threatened not by a fire but by a faulty security configuration or malicious piece of code?


 

What is cyber insurance?

 

Like most other insurance types, a cyber insurance policy acts as a risk transfer tool. It aims to cover the costs associated with recovery following a cyber-related security breach or similar event. 

 

These costs can be substantial.

 

According to IBM’s 2020 Cost of a Data Breach Report, the average cost of a data breach stands at USD 3.86 million. Sample costs include everything from business interruption losses, extortion payments, and IT remediation charges to the price of services such as digital forensics, legal counsel, and public relations consulting—not to mention several third-party costs including customer notification, credit monitoring, and potential litigation.

 

Standalone cyber insurance policies (as opposed to cyber extensions, see below) typically provide coverage for the full spectrum of cyber risks, from human error to cyber attacks, financial losses, and reputational damage.

 

(Curious? View our policy coverage areas.)

 

Cyber insurance policies also usually include a professional response panel made up of digital forensics, legal consultants, and public relations experts to streamline and facilitate the entire cyber incident response process. In the middle of a cyber emergency, it certainly helps to know that you have a specialised team managing incident response and recovery.

 

For example, all Pandamatics Underwriting policies are backed by responders from Blackpanda, Asia’s premier digital forensics and incident response firm. We work closely with Blackpanda and our own response panel to ensure you recover as quickly and efficiently as possible following an incident.

 

(Meet the full Pandamatics Underwriting Response Panel.)


 

Who needs cyber insurance?

 

Virtually every modern business holds digital assets that are at risk. 

 

The data, software, and computers that you use every day are critical to maintaining normal operations. Of course, businesses that process the personally identifiable information of their customers are at increased risk of a data breach—especially if that data includes highly valuable credit card information, medical records, or other sensitive information.

 

However, any situation that threatens access to or exploitation of your internal systems or data poses a serious threat to your ability to operate.

 

Ask yourself: What are the costs to my organisation of being completely offline for one day? One week? One month? Purchasing a cyber insurance policy can help you get back to business faster, covering related costs along the way.

 

Furthermore, no password, anti-virus, firewall, or other cyber security solution can ever be 100% secure. As such, it is important for organisations of all industries and sizes to have a team of cyber “firefighters” standing by with a helpful insurer to financially cover any residual damages.


 

Do I already have cyber insurance?

 

Some non-cyber policies such as management liability or professional indemnity insurance may include elements of cyber coverage under what is called a “cyber extension” to the policy. 

 

However, cyber extensions are not designed to provide the same quality or range of coverage provided by standalone cyber insurance policies. Cyber extensions normally provide lower limits of coverage and compensation for a more limited variety of claims.

 

Pandamatics Underwriting advises all organisations to purchase a comprehensive, standalone cyber insurance policy designed to cover the full range of cyber risk. 

 

Standalone cyber insurance policies cover the following as standard:
 

1. First-Party Coverage

  • Incident response and investigation fees

  • Digital forensics expenses

  • Extortion and ransomware negotiation 

  • Credit monitoring and protection

  • Business losses and interruption

  • Data and systems recovery and restoration 

  • Lawsuits and extortion (Errors & Omissions)

  • Public Relations costs

  • Legal Representation Expenses

2. ​​Third-Party Coverage

  • Network security, privacy, and notification

  • Regulatory fines (where insurable by law)

  • Media liability

  • Transmission of damage and malicious content

How much does cyber insurance cost?

 

Cyber insurance premiums can cost as little as USD $500 per year and can be tailored to suit your individual organisation’s size and needs. However, cyber insurance policies are not one-size-fits-all, which is why it is so important to work with a knowledgeable broker and cyber underwriter that you trust. 

 

The cost of a cyber insurance policy is dependent on a number of factors including the industry segment of operation, revenue of the business, amount and type of data maintained, and overall risk posture. Other factors include previous history of claims (if any), and the amount of coverage requested. 

--

 

With many considerations to keep in mind, applying for a cyber insurance policy may seem daunting. However, the right broker can help guide you through the process to achieve the right coverage for you at the right price. 

 

Interested in a quote? Reach out to your trusted broker today to apply for a Pandamatics Underwriting cyber insurance policy.

 

For more information about Pandamatics Underwriting policy coverage, response panel, and value-add services and technologies, please visit our Policy Coverage page.

 

If you have any questions at all, please contact us at info@pandamatics.com or fill out the contact form.
 

--

Pandamatics Underwriting is Asia’s first and only pure cyber coverholder. Our comprehensive cyber insurance coverage is backed by specialised cyber security expertise and truly holistic post-breach value-add services and technologies.

 

Pandamatics Underwriting offers privileged access to trusted cyber risk management partners including Blackpanda, Asia’s premier cyber incident response firm, as well as SentinelOne, Acronis, and Horangi Cyber Security – helping manage organizational risk as well as facilitate fast and efficient response in the event of a breach.