Cyber Liability Insurance Policy

A Cyber Liability Insurance policy provides coverage in a modular format and consists of third party and first party sections. Insurers generally follow the same policy format, coverage does however vary greatly from insurer to insurer and it is important that you obtain the coverage relevant to your businesses cyber risk exposures . Insurers to do not yet utilize same cyber terminology and this makes it a challenge to compare policy wordings.

A typical cyber liability insurance policy will offer the following coverage modules :-

1. Third Party Section

Network Security Liability

Liability to a third party as a result of the destruction of a third party’s electronic data. This also encompasses an inadvertent transmission of a computer virus to a third party.

Data Privacy Liability

The liability to a third party which may cause unauthorized disclosure of personally identifiable information or corporate information.

Multimedia Liability

Your liability arising from content on your website as a result of a defamatory comment, infringement of copyright or invasion of privacy.

2. First Party Section

Network Business Interruption

This represents coverage for the interruption or suspension of your computer systems as a result of a network security breach or network failure , the later of which may not be automatically included. Insurers will reimburse a businesses and any expenses incurred in order to mitigate this.

Data Asset Protection

This provides coverage arising out of the corruption or destruction of your computer systems. The loss covered is the replacement and restoration costs.

Cyber Extortion

A threat to the computer network where a ransom has been demanded, this will include negotiation costs.


Crisis Management

Costs associated with responding to a data breach including forensic costs, credit monitoring, call center costs and public relations costs.


In addition to this , it is important that the insurer is able to provide “vendors” who will manage a data breach , this should as a minimum include a firm of solicitors , a forensic investigation company and  a crisis response team.

Policy Basis

The policy will be on an “aggregate” policy basis, i.e. the total number of claims made in any one policy year.

Policy Retention 

A self – insured excess will be imposed by insurers which is the first party of any claim that you will need to pay.

The business interruption module will also be subject to a separate excess which is normally an hourly figure. This section will be subject to an indemnity period , which is the period that the policy will provide coverage for this module.

A good insurance broker who has expertise in the placement of a cyber liability insurance policy should be contacted so that you can obtain the appropriate advice and guidance on policy purchase.