1.800.444.1744 Get Appointed

Our team is currently working through carrier commission payments. ACH deposits will be paid as Hull & Co. Checks will be paid from Bridge Specialty Group Northeast. Commissions statements and payments will be processed within the first 6 business day of the following month.
LocalEdge and Bridge Specialty logos
Log-in

Cyber Insurance Guide & Glossary

At LocalEdge, we help businesses of all sizes protect themselves against losses or damages caused by data breaches and cyber-attacks.

Learn more about our cyber coverage or visit our appetite guide page to see our other coverage options.

Connect with our team of brokers for any cybersecurity questions or to obtain a cyber insurance quote for your customers.

Phone: 800.444.1744, option 1, then 4

Email: [email protected]

Cyber FAQ

What is Cyber Insurance?

When a breach occurs, cyber insurance covers a broad range of specified resulting expenses. These include identifying and solving the breach, recovering data, customer notifications, PR costs, possible credit monitoring expenses, legal expenses, potential fines from regulators, extortion costs from ransomware, and general business interruption, all up to specified limits or the policy limit generally.

Do hackers really bother with attacking small businesses?

Yes. Hackers use technology to scan the Internet for businesses with weak defenses regardless of the size of the business.

A recent Verizon report notes that 43% of all cyber attacks are against small businesses. Worse, 63% of small businesses had experienced a breach in the last 12 months. Any business with a computer and an internet connection is at risk – even if you don’t sell anything on your website.

What's covered?

First-party coverage – Covers damages a business sustains directly from a cyber breach. This can include things like investigative services costs, business interruption coverage and data recovery.

Third-party coverage – Covers damages if a business’ customers or partners are affected by a cyber attack and seeking to hold the insured liable for those damages. This can include legal fees, settlement costs, security failures and media liabilities.

Cyber crime – Covers damage due to any type of criminal activity that occurs using digital means. Examples of cybercrime are extortion/ ransomware, phishing, social engineering, and wire transfer fraud.

Doesn't my current business insurance include cyber attacks?

Many general business policies only partially cover damage from cyber events, if at all. As mentioned above cyber coverage provides significantly greater protection against the potential damages, expenses, and lost business that can result from a cyber attack.

What should I consider when choosing between purchasing a stand-alone cyber policy vs. adding an endorsement to an existing policy?

To be best protected, you want to consider obtaining all levels of available coverage: first-party, third-party, and cyber crime. Further, since some cyber events can result in large expenses, it is important to confirm you have adequate sublimits for each of three above coverages.

Why might I need a "Breach Coach"?

If your company gets hacked, you will need a breach coach to get your business back up and running fast. When a breach occurs, you need to assess and contain the damage, notify affected parties (e.g. customers and vendors), evaluate and act on the legal ramifications from agitated customers to regulatory bodies, and more. A breach coach will quickly assemble the right response team to deal with these issues. Without an expert it all falls on you, costing you time and money while adversely affecting your business. Fortunately, most insurance companies now provide a breach coach as part of a greater suite of services when you purchase stand-alone cyber insurance coverage.

 

Do small businesses need cyber insurance if they practice good cyber hygiene?

Being properly protected definitely helps. However, there is no way to fully protect against new threats or human error. Hackers are always adapting to overcome cyber defenses with new versions of current threats or creating brand new methods of attacking businesses. However damaging a new threat can be, the single biggest contributor to a breach is human error. Easy-to-hack passwords, phishing emails, or even a lost laptop all present potential entry points for a cyber criminal. Finally, a third-party vendor could be attacked impacting your ability to do business. A thorough cyber insurance policy is part of your overall risk management plan to ensure your business runs smoothly.

 

What types of customers need cyber insurance and why?

Any business that stores, processes, or relies on digital data or systems can benefit from cyber insurance. This includes companies that handle customer information, accept electronic payments, use email to conduct business, or depend on technology to operate. Cyber insurance helps address financial losses, legal obligations, and recovery costs that can arise from data breaches, cyberattacks, or system disruptions.

Cyber Coverage Glossary Terms

• Business interruption
Coverage that may respond to loss of net income and certain continuing expenses resulting from a disruption to business operations caused by a covered cyber event.

• BI (Business interruption) waiting period
A specified period of time that must elapse after a cyber event before business interruption losses become payable under the policy.

Bricking coverage
Coverage that may apply to the cost of replacing computer or electronic hardware rendered permanently inoperable due to a failed software or firmware update or a malicious cyberattack.

• Computer fraud
Coverage that may insure against the theft of money, securities, or property resulting from the use of computer systems to fraudulently transfer assets without the insured’s authorization.

• Contingent business interruption 
Coverage that may apply when a cyber incident affecting a third-party vendor, supplier, or service provider causes a disruption to the insured’s operations and results in a financial loss.

• Cyber crime
Coverage that may respond to financial losses resulting from criminal activities carried out through digital or electronic means, such as ransomware, phishing, social engineering, or wire transfer fraud.

• Data recovery
Coverage that may respond to costs associated with recovering or recreating lost, corrupted, or damaged data following a covered cyber event.

• Data restoration
Coverage that may apply to expenses incurred to restore data from backups or other storage media following a cyber incident that results in data loss or corruption.

• Extortion/Ransomware Coverage
Coverage that may respond to cyber extortion events, including expenses related to responding to ransomware threats, such as ransom payments (where legally permitted), negotiation costs, and efforts to regain access to systems or data.

• First party claim 
Coverage that may respond to losses and expenses directly incurred by the insured as a result of a covered cyber event, such as business interruption, data restoration costs, or cyber extortion payments, subject to policy terms and conditions.

• Funds transfer fraud 
Coverage that may apply to losses resulting from unauthorized payment instructions sent to a financial institution by a third party without the insured’s knowledge or consent.

• Media liability 
Coverage that may respond to claims alleging media-related offenses such as defamation, invasion of privacy, copyright infringement, or plagiarism arising from the insured’s digital or published content.

• Notification costs
Coverage that may respond to expenses associated with notifying affected individuals and regulators following a covered data breach, where notification is legally required.

• PCI (Payment card industry) 
Coverage that may apply to certain assessments, fines, penalties, or costs imposed by payment card brands or banks resulting from non-compliance with PCI DSS requirements following a data breach.

• Privacy regulatory liability (Regulatory)
Coverage that may apply to regulatory investigations, fines, penalties, and related defense costs arising from an organization’s failure to protect sensitive personal or corporate information.

• Social engineering coverage
Coverage that may respond to financial losses resulting from fraudulent schemes in which an employee or officer is deceived into transferring funds
to a cybercriminal.

• Third party claim/Liability Claim 
Coverage that may respond to claims or lawsuits brought by third parties alleging damages caused by the insured’s failure to prevent, respond to, or
mitigate a cyber incident.

This material is informational only, not an offer or guarantee of coverage, and is designed for professional insurance agents and advisors. It is not legal, tax, or compliance advice and may be outdated as we will not be updating it to maintain accuracy. Coverage terms and descriptions are summaries only, subject to actual policy terms, conditions, limitations, and exclusions.

We hope you are interested in learning more about our services and encourage you to inquire with [email protected].

Cyber Blogs

Guide: Cybersecurity Risks and What Small Businesses Should Protect

Guide: Cybersecurity Risks and What Small Businesses Should Protect

Guide: Cybersecurity Risks and What Small Businesses Should ProtectThe holiday shopping season is prime time for cyberattacks. Higher online traffic, distracted shoppers, and quick-purchase behavior make it easier for cybercriminals to strike. Whether your customers...