Cyber Liability Insurance

As cyber crime continues to rise, ensure your business is properly protected with the right cyber liability insurance policy for you.

What is Cyber Liability Insurance?

Cyber liability insurance UK covers the losses when you’re victim of a cybercrime such as a ransomware attack, phishing or a data breach.

As more and more companies manage their data and business online and as the threat of cyber crime is ever increasing, it’s more important than ever to protect your and your clients.

With the right cyber liability insurance in place, you can reduce your risk of attack, potentially minimise the damage of a breach and have the right cover in place to fund any potential losses.

Why do I need Cyber Liability Insurance?

No matter the size of your business, it’s likely you reply on information technology (IT) to some degree. This can include:

  • Holding sensitive customer details such as name, addresses and banking information
  • IT systems and websites that are used to manage / conduct your business
  • Processing payment card information

The number of cyber attacks is becoming more frequent and costs businesses billions every year. Small businesses are also at risk of cyber crime, and a lot of the time you may not even know you’ve been attacked.

If your systems fail, are interrupted, or hacked, you will be exposed to the risks of business interruption, damage repair, income loss, and possibly reputational damage. By having the right cyber insurance policy in place, you can minimise the damage, claim on losses, and have peace of mind that you’re protected.

Types of Cyber Security Attack

There are many types of cyber security attacks and lots of ways an attacker can infiltrate your date. Here are some of the most common types of cyber attack:

cyber liability insurance against malware

When a user clicks a ‘planted’ dangerous email attachment or link, which then installs malicious software inside the system and breaches the network

cyber security attacks - phishing

Fraudulent emails that appear to come from your company but are in fact designed to grant attackers access to your devices and extract sensitive data

cyber security at john morgan partnership

This is a form of attack where a hacker cracks your password with various programs and password cracking tools

man in the middle cyber attack

Man in the middle (MITM) attack, also known as an eavesdropping attack, is when an attacker comes in between a two-party communication to steal and manipulate data.

Cyber Attack Example

Even a small cyber attack can lead to astonishing damage to your company. Click to view an example of how a claim could proceed.

Claim Example
  • An employee is sent a malicious email at 4.55pm on a Friday from what appears to be the managing director. This is a classic trick which combines urgency, trust and the desire to start the weekend, making the employee more susceptible!
  • The employee clicks on the malicious link and downloads keylogging software which records everything including sensitive client details and bank details. This is a social engineering fraud which would introduce malware. It would require and incident response team to investigate what had happened and fix the issues.
  • The local newspaper is tipped off and asks for a statement before issuing their story in the next edition. Here you could benefit from the services of a public relations firm under your cyber insurance policy to help to maintain goodwill with your client base.
  • More than 2,500 credit card details were stolen or compromised. Privacy liability cover would be used and data notification costs would be covered. Should there be any legal claims brought by customers the defence costs could also be covered.
  • The hacker returns threatening to publish the financial data of your customers unless a ransom of £50,000 is paid. In this case the incident response team could investigate the threat and decide whether they should pay the ransom which would be covered under the cyber policy or if they can fix the issue without resorting to this. It has also been shown that once your services have been breached cyber criminals are more likely to make repeated attempts. A policy may also cover the betterment of your systems to better protect you from this threat.
  • The malware also damaged the hard-drive in this case. A cyber policy may also cover the costs to repair, restore or replace the affected parts of the software and even hardware systems.

Looking at a claim such as this it becomes apparent how costs can build from one very simple act. It’s important to consider whether you could foot the bill for all of these services and how it would affect your business if you were not able to.

Ensure your business is protected, click below to get a quote for Cyber Liability Insurance UK.

Get a Free Quote

How we can help

Policies can vary greatly in their scope of cover. Liability, electronic data, legal or investigative fees, loss of income, extortion losses and reputational damage are some of the key things you need to be aware of when choosing a cyber liability insurance policy, and not all insurers will cover every item on the list.

It’s easy to see why there can be some reluctance if it feels like no one is sure exactly what value they are getting from a policy. That’s why it’s so vital to have a cyber liability insurance UK broker who can discuss these concerns with you.

As a commercial insurance broker we have been offering our clients a tailored service at competitive prices for years and are always looking for the best ways to add value for our clients. Cyber is rated the number one risk to organisations, and so we are working hard to make sure our clients are protected by offering the right policy to fit your requirements.

Why Choose Us for Cyber Liability Insurance

cyber security insurance

Extensive cover

We will discuss your requirements with you and get to know your business so you can rest assured you have the right cyber liability insurance UK policy in place.

cyber liability insurance

Cyber essentials certified

At JMP we are proud to be Cyber Essentials certified as we are committed to the highest levels of professionalism as broker.

cyber security training at jmp cyber

Cyber security training

Our cyber liability insurance customers get access to cyber security training, giving your staff the tools to make the right decisions when dealing with data.

Cyber Liability Insurance UK

Claim Scenarios and Responses

Claim Scenario
Your computer system is infected by a virus and, as a result, your internal computer network is not available for an extended period of time.

Coverage Response
Payment for lost income as a result of the disruption and expenses incurred to restore operations.

Claim Scenario
A cloud services provider’s system is infiltrated by malware and rendered inoperable. As a result, you are unable to access its data and its business operations are shut down for an extended period.

Coverage Response
Payment for your lost income as a result of the disruption and expenses incurred to restore operations.

Claim Scenario
A fraudster hacks into your internal processing system. Names, addresses and National Insurance numbers for more than 50,000 of your customers are captured from the system, requiring notification to all 50,000 customers.

Coverage Response
Costs to deliver notice to impacted customers, and to provide credit monitoring, a call centre, and an ID fraud policy for impacted individuals.

Claim Scenario
Your system is compromised by malware that permits an unknown third party to gain access to 100,000 customer records containing personally identifiable information. Following your investigation, and notification to affected individuals, the local media runs an article about the event damaging your business’s reputation.

Coverage Response
Payment for lost income resulting from disclosure of the event

Claim Scenario
Your chief financial officer has his laptop stolen. The laptop contains more than 100,000 customer records, including National Insurance numbers.

Coverage Response
Costs for hiring a public relations firm to mitigate negative publicity generated from the incident.

Claim Scenario
You suspect that a fraudster hacked into your internal processing system when the police notify you of identity theft impacting a number of your customers.

Coverage Response
Costs to engage a forensics provider to contain the breach and determine its scope. Legal costs to determine your notification obligations under relevant privacy laws and provide other services to assist you in responding to and managing the breach.

Claim Scenario
A computer virus corrupts your software and data.

Coverage Response
Costs for recovery and restoration of your electronic data and computer programs.

Get a Free Quote

Answer a few simple questions about your business to get a tailored quote for Cyber Liability Insurance.

Speak to Our Team

Speak to a member of our expert cyber security team and we will be happy to answer any questions you may have.

Sections of Cover

Cyber insurers may use different terminology, but in general the covers can be separated into several broad categories.

What is interesting about cyber liability insurance versus other types of policies is the scope insurers have to deal. This creatively engages a number of different professionals in order to reach a cost effective and expeditious conclusion.

Each section of cover encompasses a number of different eventualities and can involve several different types of professional. There is some overlap, but this is a strength as the insurer acts as a hub to ensure the response is seamless, timely and co-ordinated.

Read more about different sections of cover of cyber liability insurance below…

This section of cover will generally pick up all of the costs involved in responding to a cyber incident in real time, including IT security and forensic specialist support, gaining legal advice in relation to breaches of data security. One of the most important aspects of a cyber liability insurance policy is that it provides access to the right specialists when time is of the essence as well as paying for their services. This can be the greatest proportion of the claims costs.

This section covers costs incurred in responding to fraudsters attempting to extort money out of an insured by either threatening to carry out a cyber attack or by threatening to expose or destroy data after having already compromised the victim’s network. Ransomware, where the victim’s data is encrypted (converted into an unreadable format) and only made accessible again by the payment of a ransom demand to the attacker, is one of the fastest growing forms of cybercrime. This method is still going strong with a rise in 2019 of 77% over the second half of 2018.

This covers losses suffered in direct response to a social engineering communication. This can include via email or on the telephone. It is also possible for some policies to cover your losses and sometimes even your client’s losses if they suffer losses due to being contacted by someone fraudulently purporting to be from your organization.

This section covers the costs for an insured’s data and applications to be repaired and restored in the event that their computer systems are damaged as a result of a cyber event such as malware. This is often critical in getting a company back up and running.

This covers any third party claims arising out of defamation or infringement of intellectual property rights. Media cover started out in cyber policies to offer protection in respect of online content only, but as policies have broadened over the years, it’s not uncommon for full media cover to be provided.

This covers the cost of certain fines and penalties that a regulatory body might enforce on an organisation as a result of them having suffered a data breach in so far as these are legal.

This cover will deal with any costs incurred should an individual or organisation take legal action against you over any alleged negligence in relation to your cyber activities. This is particularly important as there are likely to be many claims for compensation for distress following data breaches in the coming years whilst the parameters of this sort of claim are defined.

This cover aims to reimburse loss of profits and increased costs of working as a result of interruption to a business’s operations caused by a cyber event. It works in a very similar way to traditional business interruption insurance except the trigger is a cyber incident opposed to a physical one. While third party liability claims tend to be less common in cyber liability insurance, it is still important to have cover for them under this section. This can help you to maintain good relationships and become a provider trusted for your robustness.

Multiple coverage options for loss of income and expenses to restore operations as a result of an interruption to the computer system of a third party that the you rely on to run their business.

This covers third party claims arising out of a cyber event such as transmission of malware onto a third party’s system. Trojans such as Emotet can use your contacts list to send itself to your clients. Since these emails are coming from your hijacked email account the recipients are more likely to click bad URLs and download files infecting their own systems and becoming a vector to spread the malware themselves.

This section covers failure to prevent an individual’s data being breached. Cyber criminals are able to then sell this information on the dark web. With every breached database, more and more credentials, credit card details, passport information etc. appear for sale.

Cover for costs to draft, send and administer notification communications to those whose data has been stolen, misplaced or compromised. The average cost of a stolen or lost record is $148, Credit monitoring is often also included to ensure those affected are not subject to any fraudulent activity.

This is something that is not necessarily considered in the first instance however bad publicity can have a devastating effect on a brand as in the case of the Talk Talk breach where Dido Harding personally faced strong criticism for her response.

Consumers are becoming more aware than ever of the value of their personal data and how this can be exploited so it is not surprising that 47% of customers would consider no longer using a business due to breach.  And research from the Hiscox Cyber Readiness Report 2020 has shown one in eight (13%) businesses have experienced a reduction in business performance indicators such as their share price in 2020 (up from 5% the previous year). So it is easy to see how this seemingly small facet of cover can make a massive difference in saving your brand and your business.

Some cyber liability insurance providers cover for betterment costs to your system following a cyber incident to reduce the risk of a repeat occurrence.

It is important to note that cyber liability insurance can help you protect your intellectual property which is crucial to your business but most cyber security insurances will not cover losses resulting from the theft of this.

Cyber Liability Insurance UK – Common Terms

As with any contract it is vital you understand the small print of your cyber security insurance so you understand the cover you have in place but, as importantly, what does cyber security insurance not cover? Cyber insurers will constantly be reviewing these terms to ensure they are in line with best practice but it is helpful to have a general overview of things to look out for.

We will go through these details with you when explaining your individual policy but here is a helpful guide on some of the points which commonly arise when discussing cyber liability insurance UK.

Here are some common terms and further information that may help:

"Aggregate" Cover vs "Any one claims"

The sum insured on your policy can be calculated in two different ways. Some cyber liability insurance policies are written on an aggregate basis which means the number on your schedule is the total amount which your insurer will pay over the course of the policy period no matter how many claims you make. Some policies are written on an any one claim basis which, as it sounds, means that the number on your schedule is the maximum amount your insurer will pay in relation to any one incident and will pay up to this amount once again should you suffer another incident.

Cost included/exclusive

This term may be found in your cyber liability insurance policy and means that the legal costs incurred may either be included in the total sum insured or may be covered in addition to the sum insured (there may be a further limit for this).

Too good to be true?

If a cyber liability insurance policy appears much less expensive than others there is often a reason! This may be because the policy is very basic with a number of extremely important covers coming at an additional cost. Some policies may only cover costs required by law, but may not cover the total incident costs. A very basic cyber insurance policy can exclude crime cover- which means phishing and social engineering cover would be excluded.

Specified covers

In this vain, it is very important to remember that cyber liability insurance UK policies are written to cover specified perils. Rather than being a catch all policy for any eventuality the policy will only cover you for what is outlined in the policy wording. Some policies may cover attacks or hacks, but may not cover accidents and errors. They may exclude software or systems in development or beta. They may not cover incidents caused by contractors. There may also be sub limits under different sections of cover which could leave you exposed.

Business interruption

Another way a cyber liability insurance policy might differ is when it comes to the type and extent of business interruption cover it offers. Depending on your activities this can be one of the most devastating losses and so it is important to pay special attention to this. Firstly, the coverage might be limited to just the time there is network disruption and may not extend to cover the full disruption to the business. It is also important to consider where you are within the supply chain and how an incident at your business could affect any interconnected businesses. It is also very important to check the excess and indemnity period under any business interruption cover. For example if your business is likely to start losing significant revenue immediately an excess period of 24 hours may not be suitable and if you suffer issues of good will with clients it may be more beneficial to have an indemnity period of 3 months rather than 28 days.

Third parties

They may limit or exclude systems delivered by outsourced service providers If the cloud service provider suffers an attack and goes down, meaning you cannot operate, it is your business that will potentially suffer first party business interruption and the additional costs incurred in attempting to continue trading. It can prove extremely difficult, and potentially impossible, to recoup these losses from your IT provider. Additionally, if a breach of data that you are responsible for occurs at a third party provider, it is still you that is responsible and your reputation that will suffer.


As with any policy it is important to pay attention to the notification requirements. Certain policies may have onerous requirements or they might even refuse to look at a claim if there is an unreasonable delay in reporting an incident. On the flip side some policies can offer incentives for prompt reporting of any issues such as a reduced excess.

Appointing experts

Some cyber liability insurance UK policies may only cover insurer-appointed advisers and specialists. This is extremely helpful for SMEs who may not have the resources to have a panel at their disposal. However if you do prefer to engage your own choice of firms you may need to pay an additional excess or any additional costs yourself. This can sometimes be negotiated with the insurer but it is better to do this when choosing a policy rather than trying to make a claim.

What Does Your Cyber Security Insurer Expect From You?

Historically cyber security insurers have been keen to assist with incidents in any way they can but it is important to note that in order to be sure you can rely on the assistance of your provider you must comply with the terms laid out in your policy wording. This is the basis of the cyber liability insurance contract which is essentially a promise to pay in the event of specified circumstances. If you fail to comply with any of the terms it is possible that your claim may not be paid.

It is important to know exactly what has been set out in your individual policy as this can vary from insurer to insurer. Your cyber liability insurance broker should be able to help you with this.

There are some general minimum standards you may be expected to meet and these could include Procedural and Security standards.

Procedural Standards
  • Have a dedicated individual responsible for information security and privacy
  • Perform background checks on all employees and contractors with access to sensitive data
  • Perform background checks on all employees and contractors whose work involves critical IT infrastructure
  • Restrict access to sensitive data (including physical records) to only those requiring it
  • Have a process to delete systems access within 48 hours after employee termination
  • Have written information security policies and procedures that are reviewed annually and communicated to all employees including information security awareness training
  • You are compliant with, or not subject to, Payment Card Industry Data Security Standards (PCI/DSS)
  • You are not aware of any circumstances which could give rise to a claim.
  • You have a procedure in place to require independent verification of the legitimacy of payment instructions before amending bank details or making payment to a recipient for the first time.
Security Standards
  • You use anti-virus, anti-spyware and anti-malware software
  • You use firewalls and other security appliances between the internet and sensitive data
  • You use intrusion detection or intrusion prevention systems (IDS/IPS) and these are monitored
  • You perform regular backups and periodically monitor the quality of the backups
  • Your computer equipment has up to date software protecting against viruses and malicious code which is updated at least once per month.
    Access to your computer systems is authenticated by individual identification and passwords and all default passwords and codes are changed.
  • Updates to firmware, software and operating systems are updated and completed to address identified vulnerabilities within 14 days if the threat is identified as critical, important or high by the provider.

This list is by no means exhaustive, and not every policy will apply every term, but it a good starting point to think about the terms you are expected to comply with and to speak with your broker if you have any concerns.

Get a Free Quote

Answer a few simple questions about your business to get a tailored quote for Cyber Liability Insurance.

Speak to Our Team

Speak to a member of our expert cyber security team and we will be happy to answer any questions you may have.