Cyber Insurance

Coverage Need Reasons?


A company is hit by ransomware every 40 seconds somewhere in the world, thanks to the rise of ransomware-as-a-service model that is available ‘on demand’ to criminal gangs who increasingly target businesses. To date, 2017 has seen this trend play out in full force, with high-profile attacks such as Petya and WannaCry.

Ransomware is estimated to be a billion dollar plus industry, and the damages caused by it to industry is many orders higher. The lossesfrom Petya on Danish shipper Maersk was estimated to be $200-$300 million. Losses from WannaCry alone were estimated to be around $4 billion.

India too has seen breaches of large magnitude in recent times. More than three million Indian debit cards were compromised in late 2016, reportedly affecting operations of all the major banks. In May last year, Zomato’s user data was dumped on the darkweb, and later pulled down by the hacker. And also in June 2017, Reliance Jio’s database was temporarily leaked online and an Ola employee was arrested for unauthorised use of the know-your-customer feature of Aadhar, the country’s unique ID project.


Any risk of financial loss, disruption or damage to the reputation of an organization from some sort of failure of its information technology systems (includes networks & the internet).

  1. Common First-Party covers direct financial and consequential losses:
    • Forensic investigation of the breach
    • Legal advise to determine your notification and regulatory obligations
    • Business Income & Extra Expenses (due to breach)
    • Crime
    • Extortion
    • Public relations
  2. Common Third-Party (includes third-parties with no direct contact) if you fail to protect your client confidential information:
    • Financial damages to that party
    • Legal defense
    • Settlements, damages and judgements related to the breach
    • Regulatory fines & penalties (including Payment Card industry fines)
    • Costs of responding to regulatory inquiries
    • Professional liability


  • Business Interruption: If your computer systems are crippled, so too is your business.
  • Notification Costs: Both legal and ethical obligations to inform your customers and the public that their information is at risk
  • Credit Protection: If a breach occurs, your company will be financially liable for the credit monitoring services for your customers (required by law)
  • Forensic Costs: You must investigate to determine how much damage was done. Specialists are expensive and vetting one is time-consuming
  • Cyber Extortion: When a hacker holds your information hostage, you may have to pay to get it back, and maybe pay again
  • Crisis Management: Fees for public relations to reestablish your business' name as a credible and reliable institution
  • E&O Policy or GL exclusion: E&O Policies only cover errors in the course of professional services. You won’t get credit monitoring services coverage or notification expense coverage from an E&O policy