How Much Cyber Liability Insurance Do I Need? Canada Techs Team July 1, 2021
Cyber Liability Insurance

[et_pb_section][et_pb_row][et_pb_column type=”4_4″][et_pb_text]

How Much Cyber Liability Insurance Do I Need?

We’ve all heard of several data breaches that have affected government organizations and businesses of all sizes. It is, therefore, unsurprising that the number of cyberattacks targeting businesses is steadily increasing each year. Depending on the scale and severity of the attack, companies face hefty fines and expensive legal settlements that could easily top six figures. These attacks don’t just wreak havoc on a business’s finances but may also trigger reputational damage. To protect themselves, many companies today are purchasing cyber liability insurance. 

What is cyber liability insurance?

Cyber liability insurance is a form of cover designed to help companies recover from cyberattacks and other data breaches. The policies vary extensively because most insurers that offer cyber coverage use forms that they developed themselves. 

The goal of cyber liability insurance isn’t to prevent data hacks but to help businesses respond effectively, cover costs and quickly move on. It shields companies from cybercrimes, including breaches of confidentiality with customer information, loss of data, electronic theft, loss of income due to temporary suspension of business operations, and other related losses. 

What does cyber liability insurance cover?

One of the questions many often ask is what is included in cyber liability insurance cover. Generally, it covers:

  • Customer Loss
  • Business Interruption
  • Incident Response Expenses
  • Regulatory Defense and Penalties
  • Cyber Extortion 
  • Digital Asset Destruction 
  • Direct financial loss

These expenses above contribute to the $3.62 million global average costs of cyber breaches. However, the policies don’t cover bodily injury, criminal activity, loss of property, or social engineering (such as phishing). It’s also important to note that there are no standards because this type of coverage is relatively new, so not everything listed above will be included with all policies. 

First-party vs. Third-party cyber insurance

As far as data breach protection goes, cyber liability insurance coverage is split into two categories: first-party and third-party coverage. 

1. First-party cyber liability insurance 

First-party coverage pays for immediate expenses that a firm directly incurs as a result of a breach. This includes:

  • Cost of notifying employees and the public 
  • Repairing any damaged software or hardware 
  • Protecting the company’s reputation with a marketing and public relations response
  • Business interruption costs and missed income while business operations are suspended 
  • Extortion money (used to appease a hacker who threatens your data or systems unless you pay them a ransom) 
  • Other ancillary costs such as paying for credit monitoring for customers

Any businesses that use electronic data should consider getting first-party cyber insurance coverage to help pay expenses should an intruder infiltrate their network. Companies that handle a large amount of sensitive customer information typically pay more for this coverage. 

2. Third-party cyber liability insurance 

Third-party cyber liability insurance is tailored towards covering your responsibility for securing your network and helping your company defend itself against lawsuits and legal claims. It typically comes in effect when accusations that your business failed to prevent a virus or disclosure of confidential information. The coverage includes:

  • Privacy lawsuits claiming that you breached the privacy of customers or employers 
  • Fines from regulatory bodies 
  • Media liability claims such as copyright infringement, libel, or slander 
  • Breach of contract 

Third-party cyber liability can be compared to professional liability insurance. It is particularly suitable for businesses that install or service IT infrastructure for other companies. 

How much does cyber liability insurance cost?

Cyber liability insurance costs vary depending mainly on the various underwriting factors that allow the insurer to determine the potential risk that your business faces. However, the median price of a cyber liability policy for $1 million in coverage in 2019 is $1,500 per year, with a $10,000 deductible. 

Some businesses pay more or less than $1,500 per year, depending on several key factors. 

Factors that affect cyber liability insurance cost

Your cyber liability insurance costs depend on a variety of factors, including:

1. Size and industry 

The size of your company and the more employees you have, the greater the risk of phishing and social engineering attacks you face. Hackers are usually more attracted to larger companies because the effect of any breach is generally very significant. Similarly, the industry plays a key role and is regarded as the single most crucial factor in determining the needs and cost of cyber insurance. 

Industries are broadly categorized into three tiers: low, medium, and high risk. The risk implies the nature of data your business stores and the amount. For example, industries like healthcare and accounting that store the most sensitive data will pay higher premiums than other industries. 

2. Amount of sensitivity of data 

Another factor that insurers consider is the amount of sensitive data that a business sends, receives, and handles. For example, low-risk companies such as a local business with few employees and a limited customer base are likely to pay smaller premiums than a company that receives and stores customer credit card numbers in their store and through their website or eCommerce shop. 

In this instance, an example of high-risk companies would be hospitals, especially since the latter store sensitive personal data like social security numbers, dates of birth, and other private information. 

3. Annual revenue 

Businesses that make a lot of money are at greater risk of cyberattacks. This is because attackers are typically motivated by the prospect of financial rewards for their illegal activities. So the more revenue your business rakes in, the more a cybercriminal will want to target your company, which in turn translates to higher premiums compared to businesses that don’t earn that much. 

4. Strength of security measures 

Insurers reward businesses that prioritize security by dedicating significant resources and efforts to putting in place security measures. Adequate security measures such as installing antivirus software, network firewalls, and regularly updating your passwords can lower cyber liability costs.

5. Claims history

Insurance companies are wary of businesses that have a history of multiple claims. If your business has made numerous claims before, your insurer may charge you higher. 

In all, cyber liability insurance may seem expensive, especially when compared to other types of business insurance, but it is only because the fallout can often be much more significant. When you add up all the costs related to a data breach, it can be a whole lot more expensive than imagined.

How much cyber liability coverage do I need?

Cyber liability insurance is for businesses of all sizes. For large companies, the attraction for hackers is the high revenue they make, while medium and small businesses are often targeted because they are more vulnerable. Therefore, if you electronically store or process any sensitive data, you should buy cyber insurance. 

Many people agree that they need cyber liability insurance but often ask how much coverage they need. Generally, the scale of cyber insurance you need is dependent on the size of your business and the level of risk you’re exposed to. To do this, you need to work backward from a hypothetical data breach and figure how much coverage it would take to recover from the breach. 

According to a report by Ponemon Institute, each breach affects an average of 24,000 records, with each individual lost or stolen record costing an average of $41. Multiply this figure by the number of confidential records your company stores, and you will have an idea of how much a cyber incident will cost your business. 

The same report also found that the average time to identify a breach is 197 days, while it takes 69 days to contain it. Thus, you can estimate how much coverage you need to protect your business by asking critical questions like how prepared you are to handle a data breach, whether you have an in-house IT team or you rely on a remote team for your IT needs, how much it costs to replace faulty hardware or software, etc. 

How to keep cyber insurance costs down

If you’re looking for how to save money on cyber liability insurance costs, here are three things you can do.

  • Pay the annual premium upfront: Insurers often give businesses the option of paying their premiums monthly or annually. Monthly premiums may seem attractive because the cash is low, but companies that pay the annual premium at once often enjoy a discount. 
  • Manage your cyber liability risks: Manage your cyber liability by investing in the latest software and hardware to stay protected against threats. It also helps to have an in-house IT team or outsourced IT Support Company that can work with you and your staff to minimize threats.
  • File fewer claims: As with any other type of business insurance, the fewer claims filed against your company that your insurer needs to cover, the better the premiums will be over time. 


It’s important to remember that if your business is online, it is at risk of cyberattacks and data breaches. These attack events are costly – often very costly. It can be tough to predict how far damages my extend, which is why we recommend the higher coverage limits to safeguard against the unknown. Companies that seek to protect their customers and address all aspects of their cyber risk need cyber liability insurance coverage.  

Are you looking for a cyber security defense plan to implement at your business? Why not reach out by phone or email, and you can chat with our cyber experts to answer any questions you may have.