Guide on buying cyber insurance – *Hacked*


Buying cyber insurance ? An array of general insurance providers such as Chubb, AIG and Allianz are competing to capture a fair share of Cyber Insurance market. As more insurers understand the demand for Cyber Insurance, we can expect more players to join in. No matter how many insurers join the fray, the products will never be the same. Each Cyber insurance policy will be tailored for specific market segment and obviously to make profits ( from the insurer point of view at least).As mentioned, there are plenty of Cyber Insurance policy in the market, the question now is “which is the right insurance policy for my company and why?” In today’s topic of “Buying cyber insurance” , we will explore some of the important buying considerations that you will not want to miss.

Before we begin, this is part two of our Cyber insurance article. We encourage you to read part one of the article (if you have not done so). This will allow for better and maximum understanding of this topic all together. Ready to begin?

Buying cyber insurance

Buying cyber insurance? Let’s Compare Policies

There are many choices of cyber insurance in the market. Before Buying cyber insurance, it is a good idea to compare the policy features. So, go ahead, grab samples of  Cyber insurance policies from your choice of insurers. Before you just glue your eyes to the premium costs, you should find out if the insurance policy covers all our concerns that we mentioned in PART 1 of this article. They do cover? Great! Before Buying cyber insurance , In addition, we will need to find out if the insurance policy covers the followings as well:


Buying cyber insurance? What coverage?

  • Find out from your insurer, is this insurance policy a standalone policy or is this an extension to your existing business insurance policy? Usually, a standalone policy tends to be more comprehensive and you do not need to worry of “mixing and marriaging” couples of policies together. When you mix these policies, you are bounded by even more insurance contractual statements and there are possibilities you could miss some contractual statements. You want to be clear on what you are pain and when. Obviously, you do not want to lead a life of confusion. Do you?
  • Is the proposed policy an off the shelve product or is it customizable to your business needs and your expectations? Generally, a customizable policy is better suited for businesses as you can pick and choose the most important insurance policy coverages and the amount. You do not want to pay for some coverage that you will not need or you will never claim from. Also find out if there is an element of co-insurance attached to the policy. If coinsurance has been added, then find out how much is the deductibles? Do take note, when you compare policies, ensure the policies that you are comparing are close to each other in terms of benefits, contractual statements and cost. You do not want to compare an apple with an orange.
  • Some policies exclude coverage for third-party. Like a car insurance, coverage for third-party is important in cyber insurance. If they provide third-party coverage, then it is important that you read between the fine lines to better understand what covers and not, when it covers and when it will not.
  • Cyber attacks can come in many forms and design. Some attacks are directed to the victim on purpose and other attacks happens because it was passed on or shared by another victim. In second attack, it simply means you are unlucky for you have been at the wrong place and at the wrong time. Likewise, does your insurance policy covers both directed and non-directed attacks on your business?
  • Most Cyber attacks usually arise from internal staffs. Staffs with ill intents could be the main cause of Cyber attack on your business. Before Buying cyber insurance, It is important your insurance covers attacks arising from non-malicious and malicious actions taken by your employee.
  • Assume, you have bought a policy on January but by March, you have overlooked and lapsed your policy. On January, your employee planted a virus on your computing system and sadly, the virus was only noticed on March (when the policy has been lapsed). Will your insurer pay you? Take note, some policy as per occurences, it means you will be paid of the initial cyber attack action with intend took place when the policy was in force even though you found the crime few months later when your policy has lapsed. Buying cyber insurance with this feature can be more expensive but it is worth the cost.


Tip:  Use a comparative checklist. Add the product features of the plans alongside each other and you will have a clearer picture.

Read on – the final part

Now that we have quickly covered part two of our article on Cyber insurance comparison considerations , we encourage you to complete the loop by reading part three and final part  of this article.