Cybercrime and data breaches have become more common as companies increasingly rely on technology for their business operations. Even worse, the impact of data breaches is not limited to direct financial loss, but also extends to reputational damage in the long run. In response to the growing danger of ransomware, distributed denial-of-service (DDoS), malware, hacking, and other cybercrime, many companies are turning to cyber insurance to provide a safety net in times of trouble. In this article, we explain cyber insurance and discuss what types of incidents are covered in a typical cyber insurance policy.
What is Cyber Insurance?
The concept of cyber insurance has existed for several decades. It is a specialized form of insurance designed to cover technological risks such as hacking, malware, ransomware, and more. This differs from traditional insurance options that cover more tangible risks such as theft, physical damage, fire, etc. Early cyber insurance policies were relatively limited in scope and coverage, but the severity and complexity of modern cyberattacks have driven insurance companies to update their offerings, making insurance an even more powerful tool. As a result, it has become a popular tool to improve cyber risk management. Insurance mitigates the heavy costs of cyberattacks and data breaches, easing the financial burden of data recovery, investigation, legal fees, ransomware, and more.
Types of Cyber Incidents That Are Covered
While each provider can differ in the exact types of coverage they provide, there are some common types of cybercrime that many providers deal with. It is also important to note that cyber insurance is always evolving as providers update their offerings in response to new cyberattacks and risks, which gives clients constant coverage against emerging risks.
Below is a list of the types of incidents often covered by cyber insurance policies:
Ransomware Attacks
This is easily the most common cyberattack for which companies use cyber insurance. Ransomware insurance covers the costs of ransomware payments and business recovery, as well as easing the pain of income lost during an attack. Ransomware attacks have become increasingly prevalent these last couple of years, and they can be devastating for businesses of all sizes, so using cyber insurance is an effective way to lessen the impact.
Social Engineering Attacks
Employees remain the weakest link in the security chain. Bad actors often target them as the starting point for data breaches. Cyber insurance policies can be used to cover direct financial damage, notification costs, and credit monitoring services resulting from these attacks.
Data Breaches
Data breaches—attacks in which sensitive data is stolen—can be highly damaging to a company. In such situations, cyber insurance can cover the resulting regulatory fines, legal fees, settlement costs, and the ongoing compliance issues.
DDoS and Other Business Interruptions
DDoS and similar types of attacks can bring business operations to a halt. Cyber insurance can be a lifeline in these times, compensating businesses for the lost revenue during and after an incident. This can even be extended to third-party providers on which the business depends, such as cloud platforms.
Cryptojacking
Cryptojacking is an attack in which attackers take over a company’s IT assets and misuse them for mining cryptocurrency. This relatively new attack has become more popular over time and can result in severe financial damage to a company. For example, the victim can incur heavy costs if the compromised server resides on a cloud platform that charges per usage. The financial impact of cryptojacking can be diminished with an insurance policy in place.
Insider Threats
When malicious or negligent insiders misuse their authorized access, severe problems can arise, including the theft of proprietary information via cyber espionage. Cyber insurance can cover the costs around these incidents, including investigation, forensics, and data recovery.
Internet of Things (IoT)-Related
As more devices connect to the Internet, IoT grows, opening more vectors of attack. Cyber insurance has evolved to deal with this threat, and providers offer policies that cover it now.
Supply Chain Attacks
Supply chain attacks are a blind spot for most companies, so it is a smart idea to use cyber insurance as an extra line of protection in this area. Cyber insurance policies can now accommodate situations where a company’s third-party service providers are compromised, reducing the impact of financial damage that could spread to the company itself.
Incident Response and Recovery
Responding to security incidents can incur several costs, but cyber insurance policies can help cover them. These may include notification costs around informing affected bodies and regulatory bodies, public relations costs around media response and crisis management, and forensic investigation costs to determine the root cause of an incident and the extent of damage done.
Summary
These were some of the most common scenarios covered by cyber insurance policies. Because policies evolve over time, companies must ensure that their risk management processes stay updated with the evolving threat landscape and that their cyber insurance policies are aligned to protect against new attacks. For cyber insurance to be effective as a control, businesses must look at it not just as financial protection, but also as risk mitigation.
Exclusions in Cyber Insurance Policies
While effective as a cybersecurity control, insurance policies are not without limitations. Companies need to realize what situations are excluded from the scope of coverage. Some common exclusions are:
- Acts of Terrorism: Damages that result from acts of terrorism or war are typically not covered in cyber insurance policies.
- Failure to Maintain Security Posture: A common requirement for cyber insurance providers is for the company itself to maintain an adequate security posture and demonstrate due diligence. If the provider decides that the company has not maintained appropriate levels of security, the provider may decide to limit or deny the policy.
- Physical Damage: Physical damage is not covered by cyber insurance, as it does not fall into the “cyber” realm. Property damage or bodily harm are typically already covered by other types of insurance.
How To Choose the Right Cyber Insurance Policy
Cyber insurance policies come in various types, and businesses must thoroughly check the coverage terms and conditions before choosing a policy. It is important to know that a chosen policy will provide sufficient coverage. If it cannot cover the financial damage of an attack like ransomware or DDoS, it will not work as a risk-mitigating control. Aligning a policy with the company’s risk profile is typically a multi-stakeholder effort of cybersecurity, legal, and IT teams reviewing the document jointly. This ensures that all the required items are in the policy and no surprises are present if a cyberattack occurs and the policy must be activated.
A few of the critical items that must be reviewed are:
- Policy Scope: The company must ensure that the policy covers relevant cyber incidents and is not limited to only a few types.
- Coverage Amount: The amount of coverage should be proportionate to the risk the company is exposed to in case of a cyberattack.
- Exclusions: Cyber insurance policies can exclude specific scenarios, and it is essential to understand what they are. That way, if there is a gap in coverage, alternate methods of reducing risk can be pursued.
Conclusion
Cyber insurance has evolved over the years in response to the increasing severity of cyberattacks. Policies now cover a wide variety of incidents, making insurance a wise choice for improving cybersecurity; however, it is essential to thoroughly assess each policy before adopting it. That way, you can be confident that it will adequately cover your critical risk areas. When it is well understood, cyber insurance can become a crucial risk management tool in the fight against cybercrime.
Adam