Cyber Security Insurance

Cyber security insurance tailored for your business offers protection against data breaches and hackers. Our cover includes hacker ransom and cyber extortion cover, payment card industry (PCI) fines and penalties, Regulatory investigations and more.

Cyber Security Insurance

Cyber security insurance tailored for your business; including hacker ransom and cyber extortion cover, payment card industry (PCI) fines and penalties, Regulatory investigations and more.

Cyber Security protection

Hacking and/or data breach is one of the most significant risks to any modern business, with The Federation of Small Businesses (FSB) reporting that two thirds of small firms have been a victim of a cyber crime in the last two years, costing the UK economy an estimated £5.26 billion and destroying the reputation and balance sheet of thousands of companies.

As a business professional, you have a legal obligation to securely protect the information you hold, both in terms of your clients, prospects and employees, as well as any data held on behalf of a third party. Any loss of personal data should be disclosed to the Information Commissioner’s Office (ICO) and can result in significant fines and penalties, not to mention the significant reputational damage to your business.

We provide a quick and affordable solution to all your cyber insurance needs. Our specialist cyber liability insurance and data loss protection provides genuine peace of mind, managing the entire data loss process alongside potential third party claims following loss of customer or employee data.

Cyber Liability Insurance Tailored to Your Business

Cyber liability with Insync offers genuine peace of mind to business owners by providing comprehensive and cost-effective cyber security insurance, with instant quotes from our expert team and cover in minutes, all tailored to your specific profession.

Our policy can cover your business for the following:

  • Hacker damage
  • Online or physical data breach
  • Hacker ransom and cyber extortion cover
  • Regulatory investigations and penalties
  • Payment card industry (PCI) fines and penalties
  • PR & crisis containment expenses
  • Loss of income cover and reputational damage protection
  • Post-breach notification, forensic investigation and legal support

Do I Need Cyber Risk and Data Breach Insurance?

In today’s modern world most businesses either hold some form of data or rely on core computer systems to conduct their business. You would be exposed to cyber risk or a data breach if you or your firm has or controls:

  • Sensitive Data – Holds data such as customer names and addresses, date of birth, dental records and/or credit card or bank details
  • Website –Operates any form of website or online application or booking system
  • Systems – Uses a computer platform or customer database (either cloud-based or locally hosted)
  • Payment Cards – If you accept credit or debit cards (on or offline) and are subject to a payment card industry (PCI) agreement

Cyber Security Claims

Our A-rated insurer partner has managed over 4,500 cyber and data breach claims since 2009.

The specialist claims team will be on-hand when you need them most to mitigate your loss and get your business up-and-running as quickly and easily as possible.

Need  
Cyber Security 
Insurance advice?

Speak to one of our Cyber Security experts, at a time that suits you...

or call us directly on

01200 309 516

Cyber Security Insurance

  • Hacker damage and virus cover for websites, back office systems and email platforms

  • Online or physical Data breach costs and liabilities

  • Post breach notification, forensic investigation and legal support

  • Hacker ransom and cyber extortion cover

  • Regulatory investigations and penalty costs

  • Payment card industry (PCI) fines and penalties

  • PR and crisis containment management and expenses post data breach

  • Optional Business Interruption for loss of income and reputational damage

  • Free Legal and Regulatory advice from cyber and data breach experts

Why Insync?

  • Specialist cyber and data breach cover for all types of businesses

  • Instant quotations - cover and policy documents in minutes

  • Flexible cover & monthly payments – just pay for the sections you need

  • Expert advice from data and cyber risk insurance specialists

  • 24 Hour Claims Helpline & Data Breach Management support

  • Personal – One-to-one access to your own dedicated cyber insurance Account Manager

What is data breach and cyber risk insurance?

Cyber Risk Insurance provides indemnity against the associated risks and liabilities from cybercrime, data hacking and/or data breach. From damage to websites or other online platforms to loss of personal data, cyber insurance can be tailored to your specific business requirements. Data Breach Insurance can be purchased in isolation or as part of a full cyber insurance package.

How much cyber risk cover do I need?

Best advice is always to purchase as much cyber insurance coverage as you can afford. As every business is different, you will need to consider your own specific circumstances and exposure to loss. Firms with multiple locations, or with a large database of clients holding personal data or credit card details will have a much higher exposure to multiple claimants and data breach expenses.

Cyber cover claims examples

A financial advisor works remotely, her laptop is stolen from the boot of her vehicle whilst parked. The laptop contained over 500 client records and details of ongoing pension applications. The loss of data must be reported to the ICO who may impose a six figure fine. The local press picks up on the incident and runs a news article on their website and the weekly paper, causing significant reputation damage. Several clients have joined forces for form a class action for loss of personal data.

How do I work out how many records I need to insure?

Records means people, so 5 pieces of information about you, is one record.  You should consider any person whose data you hold, including your customers, the customers of your clients, your employees, and sub contractors.  If you are growing you might want to multiply your total by your growth to allow for an increase in records in the year of insurance.  If you don't store the data but you use someone else to store the data (outsource) then you should include those as you will probably still have responsibility. 

However, if you do get it wrong we will not reduce the coverage you have bought:  there is no equivalent of "average" in a property policy.

How much does cyber insurance cost?

Insync has developed a specialist cyber and data breach policy which can accommodate 95% of UK businesses. Whilst many standard cyber insurance providers shy away from medical or financial related data, our insurance partners have extensive experience in managing financial and healthcare data loss, both in the UK and the USA.

Cyber insurance coverage for a small business with annual revenue not exceeding £200,000 starts from as little as £160 per annum (including insurance premium tax).

Cyber and data breach packages can be tailored to your specific requirements, based on the following:

• Annual turnover / income
• The number of records processed / held in your database

What level of cyber liability cover do I need?

This is a complex question, best advice is to purchase as much cover as you can afford. Essentially you need to work how many people's data you hold, to choose a limit of records, and then the more difficult part, if someone brings legal allegations against you, how much you think you might be sued for plus the associated legal costs. 

Privacy lawyers can be quite expensive if they are good, more than £500 per hour.  It is worth checking your commercial contracts to see if the contracts specify what limit of cyber you should buy.  The limit of liability is in the aggregate which means if you were unlucky enough to have more than one claim against you then it would need to be enough for both claims.

How does the indemnity limit work?

If there is a legal allegation against you, the indemnity limit covers legal costs to defend you and if you have to pay damages, it pays damages too.

Do you cover cyber ransom demands?

There are lots of different cyber ransom demands.

If someone prevents you from accessing a database or network by the use of encryption, often called a ransomware attack, then we would investigate, and if you needed to recover data we would pay the cost, and if your business was interrupted we would pay the loss of revenue.  There are limits and excesses to be applied.  if you have to pay a ransom then we would pay that too.

Another kind of cyber ransom is if someone steals sensitive information and threatens to publish it unless you pay ransom -  again we would investigate and if necessary pay the ransom too

What does the business interruption and cyber extortion extension cover?

Cyber business interruption triggers if you suffer a hack or a denial of service attack which slows down your website or network that could affect your revenue.  Basically, we pay the revenue you lose,which you cannot get back.  there is normally a time retention which means the cover kicks in after a number of hours, typically 12 hours.

Cyber extortion triggers if someone threatens you by preventing access to your network, or publishing private information, and demands money to let you back into your network or to avoid the private information being published.  we pay the investigation and if the ransom needs to paid then the ransom too.

What does the fraudulent transfer extension cover?

Cyber criminals use a variety of creative ways to commit crime.  Standard cyber insurance policies only provide cover for data loss or cyber attack which would exclude actions such as fraudulent instruction where monies are paid inadvertently where a person is purporting to be a vendor, client or authorised employee.

Subject to selection of the extended fraudulent transfer extension cover is provided for up to £10,000 in the policy period.

What’s the difference between cyber insurance and professional indemnity?

Cyber criminals use a variety of creative ways to commit crime.  Standard cyber insurance policies only provide cover for data loss or cyber attack which would exclude actions such as fraudulent instruction where monies are paid inadvertently where a person is purporting to be a vendor, client or authorised employee.

Subject to selection of the extended fraudulent transfer extension cover is provided for up to £10,000 in the policy period.

My business trades in the US as well as the UK & EU, can you cover me?

We can extend our policy to Worldwide.  there are specific US exposures and we have a good understanding and experience of handling US data breaches

What is Personally identifiable information (PII))?

Taken from the EU General Data Protection Regulation (GDPR) which will be enforced from May 2018, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

What is a Denial of Service (DOS) attack?

A DoS attack is a type of cyber-attack which typically involves a targeted machine/network being flooded with an excessive amount of communication requests such that the machine/network cannot possibly fulfil all the requests, disrupting the service and therefore becoming unavailable to genuine users. Imagine a revolving door with so many people trying to get through that it stops turning. Substitute the people with data, and the revolving door with your network and that is a DoS attack. Your network stops turning or turns so slow it is not useful. It is a malicious attack.

What do you mean by Legal and Forensic expenses?

We will pay reasonable forensic costs and expenses of a computer security expert incurred defending a claim covered under your cover arising from a security breach. If you have to pay for a special payment card one called a PCI forensic investigator (normally more expensive) we will pay for that as well!

Which insurer underwrites Cyber Securities policies?

Beazley Syndicates 623/2623 at Lloyd’s. Beazley is a specialist cyber insurer underwriting cover since 2009 and has subsequently managed over 6,000 data breaches.

I need more that £1 million cyber liability insurance, can you still insure me?

Absolutely, at Insu we can arrange cover for limits up to £100m! If you need cover for more than £1m, we will just need a little more information and one of the Cyberguru team will be happy to arrange this for you.

What is data breach and cyber risk insurance?

Cyber Risk Insurance provides indemnity against the associated risks and liabilities from cybercrime, data hacking and/or data breach. From damage to websites or other online platforms to loss of personal data, cyber insurance can be tailored to your specific business requirements. Data Breach Insurance can be purchased in isolation or as part of a full cyber insurance package.

<
How much cyber risk cover do I need?

Best advice is always to purchase as much cyber insurance coverage as you can afford. As every business is different, you will need to consider your own specific circumstances and exposure to loss. Firms with multiple locations, or with a large database of clients holding personal data or credit card details will have a much higher exposure to multiple claimants and data breach expenses.

Cyber cover claims examples

A financial advisor works remotely, her laptop is stolen from the boot of her vehicle whilst parked. The laptop contained over 500 client records and details of ongoing pension applications. The loss of data must be reported to the ICO who may impose a six figure fine. The local press picks up on the incident and runs a news article on their website and the weekly paper, causing significant reputation damage. Several clients have joined forces for form a class action for loss of personal data.

How do I work out how many records I need to insure?

Records means people, so 5 pieces of information about you, is one record.  You should consider any person whose data you hold, including your customers, the customers of your clients, your employees, and sub contractors.  If you are growing you might want to multiply your total by your growth to allow for an increase in records in the year of insurance.  If you don't store the data but you use someone else to store the data (outsource) then you should include those as you will probably still have responsibility. 

However, if you do get it wrong we will not reduce the coverage you have bought:  there is no equivalent of "average" in a property policy.

How much does cyber insurance cost?

Insync has developed a specialist cyber and data breach policy which can accommodate 95% of UK businesses. Whilst many standard cyber insurance providers shy away from medical or financial related data, our insurance partners have extensive experience in managing financial and healthcare data loss, both in the UK and the USA.

Cyber insurance coverage for a small business with annual revenue not exceeding £200,000 starts from as little as £160 per annum (including insurance premium tax).

Cyber and data breach packages can be tailored to your specific requirements, based on the following:

• Annual turnover / income
• The number of records processed / held in your database

What level of cyber liability cover do I need?

This is a complex question, best advice is to purchase as much cover as you can afford. Essentially you need to work how many people's data you hold, to choose a limit of records, and then the more difficult part, if someone brings legal allegations against you, how much you think you might be sued for plus the associated legal costs.

Privacy lawyers can be quite expensive if they are good, more than £500 per hour.  It is worth checking your commercial contracts to see if the contracts specify what limit of cyber you should buy.  The limit of liability is in the aggregate which means if you were unlucky enough to have more than one claim against you then it would need to be enough for both claims.

How does the indemnity limit work?

If there is a legal allegation against you, the indemnity limit covers legal costs to defend you and if you have to pay damages, it pays damages too.

Do you cover cyber ransom demands?

There are lots of different cyber ransom demands.

If someone prevents you from accessing a database or network by the use of encryption, often called a ransomware attack, then we would investigate, and if you needed to recover data we would pay the cost, and if your business was interrupted we would pay the loss of revenue.  There are limits and excesses to be applied.  if you have to pay a ransom then we would pay that too.

Another kind of cyber ransom is if someone steals sensitive information and threatens to publish it unless you pay ransom -  again we would investigate and if necessary pay the ransom too

What does the business interruption and cyber extortion extension cover?

Cyber business interruption triggers if you suffer a hack or a denial of service attack which slows down your website or network that could affect your revenue.  Basically, we pay the revenue you lose,which you cannot get back.  there is normally a time retention which means the cover kicks in after a number of hours, typically 12 hours.

Cyber extortion triggers if someone threatens you by preventing access to your network, or publishing private information, and demands money to let you back into your network or to avoid the private information being published.  we pay the investigation and if the ransom needs to paid then the ransom too.

What does the fraudulent transfer extension cover?

Cyber criminals use a variety of creative ways to commit crime.  Standard cyber insurance policies only provide cover for data loss or cyber attack which would exclude actions such as fraudulent instruction where monies are paid inadvertently where a person is purporting to be a vendor, client or authorised employee.

Subject to selection of the extended fraudulent transfer extension cover is provided for up to £10,000 in the policy period.

What’s the difference between cyber insurance and professional indemnity?

Cyber criminals use a variety of creative ways to commit crime.  Standard cyber insurance policies only provide cover for data loss or cyber attack which would exclude actions such as fraudulent instruction where monies are paid inadvertently where a person is purporting to be a vendor, client or authorised employee.

Subject to selection of the extended fraudulent transfer extension cover is provided for up to £10,000 in the policy period.

My business trades in the US as well as the UK & EU, can you cover me?

We can extend our policy to Worldwide.  there are specific US exposures and we have a good understanding and experience of handling US data breaches

What is Personally identifiable information (PII))?

Taken from the EU General Data Protection Regulation (GDPR) which will be enforced from May 2018, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

What is a Denial of Service (DOS) attack?

A DoS attack is a type of cyber-attack which typically involves a targeted machine/network being flooded with an excessive amount of communication requests such that the machine/network cannot possibly fulfil all the requests, disrupting the service and therefore becoming unavailable to genuine users. Imagine a revolving door with so many people trying to get through that it stops turning. Substitute the people with data, and the revolving door with your network and that is a DoS attack. Your network stops turning or turns so slow it is not useful. It is a malicious attack.

What do you mean by Legal and Forensic expenses?

We will pay reasonable forensic costs and expenses of a computer security expert incurred defending a claim covered under your cover arising from a security breach. If you have to pay for a special payment card one called a PCI forensic investigator (normally more expensive) we will pay for that as well!

Which insurer underwrites Cyber Securities policies?

Beazley Syndicates 623/2623 at Lloyd’s. Beazley is a specialist cyber insurer underwriting cover since 2009 and has subsequently managed over 6,000 data breaches.

I need more that £1 million cyber liability insurance, can you still insure me?

Absolutely, at Insu we can arrange cover for limits up to £100m! If you need cover for more than £1m, we will just need a little more information and one of the Cyberguru team will be happy to arrange this for you.

LATEST FROM OUR BUSINESS INSURANCE EXPERTS

Insync Insurance Solutions Ltd
9 Albany Park, Cabot Lane
Poole, Dorset BH17 7BX

t. 01200 309516
e. This email address is being protected from spambots. You need JavaScript enabled to view it.

© Insync Insurance Solutions Ltd 2021 All rights reserved. Insync Insurance Solutions Ltd is authorised & regulated by the Financial Conduct Authority where our reference number is 766691. Our registered office is 7th Floor, Corn Exchange, 55 Mark Lane, London, EC3R 7NE and we are registered in England under company number 08810662. Should you have cause to complain, and you are not satisfied with our response to your complaint, you may be able to refer it to the Financial Ombudsman Service, which can be contacted as follows: The Financial Ombudsman Service Exchange Tower, London, E14 9SR | Tel: 0800 023 4567 or 0300 123 9 123 | www.financial-ombudsman.org.uk | Privacy Notice | Terms Of Business