Close this search box.
Close this search box.

Cyberinsurance: Everything You Need to Know About Why and How to Buy It

Recent news about hackers breaking into large companies’ systems and wreaking havoc has caused senior executives at companies of all sizes to consider adding cyberinsurance to their portfolio of protections.

In fact, if a CEO has not thoroughly considered cyberinsurance, one has to question whether his or her fiduciary duty has been met.

A recent article in The Wall Street Journal calculates the size of the threat that hackers pose to companies. As one cybersecurity expert states, hackers dwell in a company’s system for a median average of 209 days and most often the company executives don’t find out about it until an outside agency such as the FBI becomes involved.

“Existing business insurance policies usually do not cover cyberattacks.”

Costs associated with a data breach are high, and can easily exceed $100 million. A 2014 study of U.S. companies by the Ponemon Institute puts the cost of a data breach at $195 per record lost, (an average of $5.85 million per incident).

Common misperceptions about cyberinsurance include:

  • Our existing business insurance policies cover cyberattacks. Not true! Almost all companies have some sort of Commercial General Liability insurance and generally these policies will NOT cover your company.
  • Cyberinsurance policies are expensive. Not necessarily. With adequate IT infrastructure and legal and management assistance, most policies are affordable
  • The ‘standard’ cyberinsurance coverage will do. A cyberinsurance policy is tailored to each company, and the carriers offer to cover different types of risks.

So what does cyberinsurance cover?
Cyberinsurance policies can be broadly divided into two types of risks to be covered:

  • First-party risks. This is the risk of damage to your company and your company’s IT infrastructure. This includes loss or damage to electronic data, software and hardware. Coverage should include remediation costs (i.e., the cost to hire people to restore or rebuild your IT systems).
  • Third-party risks. These risks are extensive, and the policy should cover damages caused by the data breach to other individuals, including customers and other businesses. Third-party risk coverage should include the costs of defending claims from customers, contractors, shareholders and regulators, and may also cover any resulting penalties. In the first of what could be many lawsuits, Target recently settled with MasterCard for $19 million in damages to the credit card company.

How to get started
Once you’ve decided to purchase cyberinsurance:

  1. Contact a broker who has cyberinsurance experience and discuss potential insurance companies. These insurance carriers will conduct reviews of your company and recommend types and levels of coverage.
  2. Obtain experienced legal counsel who can work with company executives and the potential insurance companies to ensure the resulting cyberinsurance policy adequately covers a company’s risks.

There are additional hidden benefits of cyberinsurance. Management will gain a better understanding of the company’s risk profile. And the insurance company will likely provide suggestions on how to increase your company’s IT security and training. With the assistance of qualified counsel, most companies take the next step and develop a data breach response plan. Finally, if the worst should happen and your company becomes a victim of a hacker, your legal counsel and insurance company are ready to assist in executing your data breach response plan.


  • Get the CEO Briefing

    Sign up today to get weekly access to the latest issues affecting CEOs in every industry
  • upcoming events


    Strategic Planning Workshop

    1:00 - 5:00 pm

    Over 70% of Executives Surveyed Agree: Many Strategic Planning Efforts Lack Systematic Approach Tips for Enhancing Your Strategic Planning Process

    Executives expressed frustration with their current strategic planning process. Issues include:

    1. Lack of systematic approach (70%)
    2. Laundry lists without prioritization (68%)
    3. Decisions based on personalities rather than facts and information (65%)


    Steve Rutan and Denise Harrison have put together an afternoon workshop that will provide the tools you need to address these concerns.  They have worked with hundreds of executives to develop a systematic approach that will enable your team to make better decisions during strategic planning.  Steve and Denise will walk you through exercises for prioritizing your lists and steps that will reset and reinvigorate your process.  This will be a hands-on workshop that will enable you to think about your business as you use the tools that are being presented.  If you are ready for a Strategic Planning tune-up, select this workshop in your registration form.  The additional fee of $695 will be added to your total.

    To sign up, select this option in your registration form. Additional fee of $695 will be added to your total.

    New York, NY: ​​​Chief Executive's Corporate Citizenship Awards 2017

    Women in Leadership Seminar and Peer Discussion

    2:00 - 5:00 pm

    Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations. 

    Limited space available.

    To sign up, select this option in your registration form. Additional fee of $495 will be added to your total.

    Golf Outing

    10:30 - 5:00 pm
    General’s Retreat at Hermitage Golf Course
    Sponsored by UBS

    General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.

    The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.

    To sign up, select this option in your registration form. Additional fee of $295 will be added to your total.