Skip to main content

Topic: Cyber Insurance

Download/Print PDF

Recovering From a Cyber Attack Can Be Costly.

Cyber insurance is one option that can help protect your business against losses resulting from a cyber attack. If you’re thinking about cyber insurance, discuss with your insurance agent what policy would best fit your company’s needs, including whether you should go with first-party coverage, third-party coverage, or both. Here are some general tips to consider.

What Should Your Cyber Insurance Policy Cover?

Make sure your policy includes coverage for:

Data breaches (like incidents involving theft of personal information)

Cyber attacks on your data held by vendors and other third parties

Cyber attacks (like breaches of your network)

Cyber attacks that occur anywhere in the world (not only in the United States)

Terrorist acts

Also, consider whether your cyber insurance provider will:

Defend you in a lawsuit or regulatory investigation (look for “duty to defend” wording)

Provide coverage in excess of any other applicable insurance you have

Offer a breach hotline that’s available every day of the year at all times

What is First-Party Coverage and What Should You Look For?

First-party cyber coverage protects your data, including employee and customer information. This coverage typically includes your business’s costs related to:

Legal counsel to determine your notification and regulatory obligations

Recovery and replacement of lost or stolen data

Customer notification and call center services

Lost income due to business interruption

Crisis management and public relations

Cyber extortion and fraud

Forensic services to investigate the breach

Fees, fines, and penalties related to the cyber incident

What is Third-Party Coverage and What Should You Look For?

Third-party cyber coverage generally protects you from liability if a third party brings claims against you. This coverage typically includes:

Payments to consumers affected by the breach

Claims and settlement expenses relating to disputes or lawsuits

Losses related to defamation and copyright or trademark infringement

Costs for litigation and responding to regulatory inquiries

Other settlements, damages, and judgments

Accounting costs

More insurance resources for small businesses available at

Download/Print PDF

National Association of Insurance Commissioners logo

The FTC thanks the National Association of Insurance Commissioners (NAIC) for its role in developing this content.

Additional Resources

Check out these additional resources like downloadable guides
to test your cybersecurity know-how.