The Cody Group


Staying Updated

What is Cyber Insurance and What Does it Cover?

“Cybercrime…is the greatest threat to every profession, every industry, every company in the world.” Ginny Rommini, CEO, IBM.

Cybercrime is expected to cost businesses $6 trillion globally by 2021. That figure is almost unfathomable for most people. But here’s a figure you can get your head around: $15.4 million. That’s the average cost of a cyber-attack to an American business.

And that’s just the direct financial costs related to investigations, business losses, and lawsuits. The true total costs of a cyber-attack are nearly impossible to quantify.

Data breaches can damage shareholder and investor perception, erode customer confidence, and do irreparable damage to your business’s reputation and brand identity. All these can choke off growth and revenue and in some cases —especially for smaller firms— put you out of business permanently.

Businesses are becoming increasingly aware of these risks. According to Gartner, cybersecurity spending is expected to reach $96 billion in 2018, an 8% increase over 2017. And while nearly every business invests at least some of its budget in cybersecurity, only about 1/3 of small-midsize businesses have cyber insurance to transfer some of the risk in the event of an attack.

Still, cyber insurance premiums are expected to grow to $7.5 billion by 2020, according to pwc.


Cyber Insurance


Cyber insurance (also known as Cyber Liability Insurance) protects individuals and businesses from damages related to data breaches and cyber-attacks. Cyber insurance can sometimes be combined on a policy with Errors and Omissions Insurance depending on the type of business. Every policy is different and the ever-evolving nature of cyber-attacks is changing the cyber insurance landscape constantly.

Generally speaking, cyber insurance can cover losses from:

Data breaches

Security Intelligence estimates the cost per record breached rose to $148 in 2018, and the total cost per breach to be anywhere from $2.2 million to $6.9 million depending on the size of the breach. 

Social Engineering, Spoofing and Phishing

Email spoofing and phishing scams and becoming more prominent and sophisticated.  The result of which is businesses sending funds to an incorrect party causing financial that aren’t reimbursed by banks.

Third party lawsuits

Businesses that collect and store customer data are susceptible to third party lawsuits if that data is stolen. Many third party payment processors will hold and encrypt client credit card data but won’t indemnify the company using their services, opening the company up to lawsuits from its customers


Several companies have had fines totaling in the tens of millions of dollars levied against them for their carelessness in safeguarding or mishandling customer data.

Legal fees

Lawsuits related to data breaches can drag out for years and legal fees can run into the tens of millions of dollars, contributing significantly to the overall costs of a data breach.

Business losses

As noted above it is simply impossible to quantify the loss of revenue and business that results from loss of brand confidence after a public data breach.  


Who Needs Cyber Insurance?


Small to Medium Sized Business Cyber Insurance

Don’t be fooled into a false sense of security just because you think your business is too small for hackers to bother with.

According to a 2016 survey by Ponemon Institute, “no company is too small to avoid a cyber-attack or data breach.” Out of the 598 small to medium sized companies that were surveyed, 55% said they were victims of a cyber-attack and 50% said they had a data breach in the prior year.

Contact the Cody Group today to discuss protecting yourself or your business from severe losses due to a cyber-attack or data breach.  

Dominic Piccirillo