The Best Cyber Liability Insurance Companies for 2023

Cyber insurance is a type of liability insurance that can protect businesses (and individuals) from some of the losses and damage that you might incur as the result of a cyber-attack or data breach. This is an important type of insurance for businesses to consider, especially if you handle any type of valuable data or sensitive information in your day-to-day work.

You may think that cyber-attacks only happen to large companies, businesses in the tech industry, or organizations doing top-secret work. However, this is a myth that, if believed, could lead your business into a costly and harmful situation.

This guide will provide you with a detailed overview to help you find the right cyber insurance coverage that best suits you or your business. We will cover how cyber liability works, what it doesn’t and doesn’t cover, and what to look for when shopping around. We’ll also provide you with a review of some of our preferred cyber liability insurance companies to aid you in your search for the right policy.

	The Hartford	Progressive	biBERK
Best For	Best Overall	Best for Small Business	Best Add-On Coverage
Financial Strength	Excellent	Excellent	Excellent
Our Rating	10/10	9.5/10	9.0/10
Learn More	Get Quote Read Review	View Rates Read Review	View Rates Read Review

*By clicking the above links, you will go to one of our insurance partners. The specific companies listed above may not be included in our partner’s network at this time.

Cyber Security Basics

To fully understand the necessity of cyber insurance, it is important to have a basic understanding of cyber security, and the prevalence of cyber attacks in today’s digital world. 

The National Institute for Standards and Technology defines a cyber attack as “an attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.” 

There are several types of cyber attacks that a business might encounter: 

• Malware is any type of software that is loaded onto a computer that compromises the integrity or security of the data in some way. Sources of malware include flash drives and CDs, email attachments, and internet downloads.
• Ransomware is an increasingly common type of cyber attack. In this case, a cybercriminal gains access to your system or network and then locks users out. The hacker then demands that the user, or your business, pay a ransom fee to regain access.
• Phishing is a common method used by hackers to obtain access to sensitive information. It involves tricking individuals into disclosing personal information or passwords by deceptive means.

How Common Are Cyber Security Breaches?

According to a study conducted by the Clark School at the University of Maryland, a cyber attack is conducted by a hacker every 39 seconds. As such, this constant rate of attack does not come without results: 

• In 2021, the number of data breaches was 23% above the previous record high, according to the Identity Theft Resource Center. Total data compromises in 2021 numbered 1,862. This was 68% higher than the number of data compromises in 2020. The previous all-time high was 1506 data compromises in the year 2017. 
• Not only did total data compromises increase in 2021, but the percentage of data compromises involving sensitive data also increased slightly to 83% in 2021, up from 80% in 2020. 

Cyber Liability Concerns for Businesses

Despite the marked increase in data compromises between 2020 and 2021, the number of victims overall has decreased continually. In fact, the number in 2021 was down 5% compared to 2020. However, this might not be news worth celebrating. Instead, this data reflects that criminals are becoming increasingly focused on specific data types, strategically pursuing valuable targets. If your business handles sensitive information, it could easily be a cyber criminal’s next target.

As Eva Valesquez, President/CEO of the Identity Theft Resource Center, looks to the future, she comments: 

“There is no reason to believe the level of data compromises will suddenly decline in 2022. As organizations of all sizes struggle to defend the data they hold, it is essential that everyone practice good cyber-hygiene to protect themselves and their loved ones from these crimes.”

Not only do mid to large-sized businesses need to take steps against cyber attacks, but cyber security may be equally important for smaller businesses. Small businesses are often viewed as easy targets by cybercriminals because these criminals know that smaller organizations are less likely to have effective security protocols in place. The numbers reflect this, as 67% of businesses with less than 1,000 employees have experienced a cyber attack, and 58% experienced a breach.

In light of this grim reality, it is crucial that businesses of many industries and sizes prioritize cyber security, and protect themselves from liability and harm in the event of a successful attack on their systems.

Understanding Cyber Insurance

Based on the statistics above, it is obvious that protecting your company is essential. Continue reading to find answers to questions like, “What exactly is cyber insurance? How does it protect me and my business? How do I determine the right policy for my business?”

What Is Cyber Insurance? 

Cyber insurance is a type of liability insurance policy that can protect your business from losses incurred by a data breach or cyber attack. This type of coverage-also commonly referred to as cyber liability insurance, cyber risk insurance, or cyber security insurance-differs from other insurance plans your business may need in that coverage is designed specifically with online incidents in mind.

In contrast to cyber insurance, crime insurance protects you from instances of fraud, robbery, and theft, and general liability insurance protects you in the event of a personal injury or property damage claim.

Who Needs Cyber Liability Coverage?

Any business that collects and stores personally identifiable information (PII) or personal health information (PHI) belonging to their employees or customers should consider investing in cyber liability coverage. PII includes name, social security number or other ID numbers, phone number, email address, and physical address. PHI generally refers to health information protected by HIPAA.

Additionally, if your company collects and stores your employees’ or customers’ financial information, such as their bank account numbers or credit card numbers, you should also consider cyber liability insurance. Financial institutions are common targets for a data breach, and increased mobile banking usage has made the industry even more susceptible to attacks.

Another industry in which cyber security and cyber insurance are essential is the healthcare industry. Protecting clients’ healthcare information is crucial, but this can also be valuable information for a cybercriminal, and the numbers prove this. From 2018 to 2021, 90% of healthcare organizations reported some type of security or data breach.

How Does Cyber Insurance Work?

Cyber insurance works similarly to other types of insurance. When you purchase a cyber liability insurance policy, your business will pay a premium on a predetermined basis. This could be a set amount paid monthly, quarterly, every six months, or every year. 

When a data breach occurs, your business files a claim with your insurance company. You may have to pay a deductible, which is a portion of the cost of the incident that you cover. Your deductible is pre-determined when you purchase the insurance policy. For example, imagine that you filed a cyber-breach claim that cost your business $5,000, and your deductible is $1,000. You would pay your deductible, which is $1,000, and the insurance company pays the other $4,000. 

Claims-Made vs. Occurrence Policies

An important difference to note when purchasing any type of business insurance, including cyber insurance, is whether the policy is a claims-made or occurrence policy. 

A Claims-Made policy means that the insurance policy covers only claims made within your policy period. These policies often have a retroactive date, which covers incidents up to a few months before the policy start date. You may also have the option to include “tail coverage”, which will cover claims for a brief time following your coverage period. 

Retroactive dates and tail coverage are beneficial if you have a claims-made policy. If you purchase cyber coverage and then receive a lawsuit soon after for an incident that occurred several months ago, you will still be covered, provided it falls after the retroactive date. 

If an incident occurs within your policy period but is not reported until 4 months after the end of your policy period, you can still file a claim if your tail coverage covers up to 6 months after the end of your policy period. 

An Occurrence policy covers all claims for incidents that occurred within the policy period, no matter when the claim is filed. For example, if a cyber incident compromises a partner’s data during your policy period, but they don’t file a lawsuit until one year later, you can still file the claim because the incident occurred within your policy period. 

Because occurrence policies offer protection for a longer period from incidents that occurred within the policy period, these types of insurance policies are often more expensive. 

While some companies may allow you to choose between a claims-made and an occurrence policy, cyber insurance is usually a claims-made policy. This is an important factor to discuss with an agent when considering purchasing a cyber insurance policy. 

What Does Cyber Insurance Cover?

In general, cyber insurance covers losses and incurred costs as a result of lost, stolen, or compromised data. However, the specific events covered by a cyber liability insurance policy can vary between policies and carriers. It is important to carefully review policies before you make a purchase to fully understand how you will and won’t be protected if an incident occurs.

Types of Events Covered

• Data breaches when personal information is stolen
• Cyber attacks on your data that is held by a vendor or other third-party entity
• Network breaches
• Cyber attacks and breaches that occur inside and outside of the U.S. 

First-Party Loss Coverage

First-party loss coverage covers expenses incurred due to a breach of your company’s data, including the personal information of your customers, employee data, and other sensitive information held by your business. This type of coverage can cover expenses, including: 

• Legal Expenses: Legal counsel costs to address a cyber incident. This often includes counsel when laws and regulations are violated in the event of an attack, or when legal counsel is needed to manage other aspects of the situation. (Legal counsel related to lawsuits brought by a third party is covered by third-party loss coverage.)
• Data recovery: Costs related to restoring compromising data, or replacing data that could not be recovered
• Lost income: Most insurance policies cover income lost due to business or network interruption in the event of a cyber incident 
• Public relations: Covers PR assistance and consulting for crisis management. This is especially helpful for large companies in which a major data breach might make headlines. 
• Customer notification (all states require businesses to notify customers in the event of a data breach): This often includes staffing a call center to notify customers and allow them to contact your business with questions or information. 
• Investigation: Costs related to discovering the source or cause of the attack. This could include identifying the attacker or identifying the weakness in the system which may have led to the attack. 
• Fines: Cyber insurance often covers fines and penalties incurred when laws and regulations are violated by a cyber attacker using your data or systems. 

Third-Party Loss Coverage

Third-party loss coverage protects your business when a third party brings a claim against you. 

For example, if a consulting agency that works with many other businesses and companies experiences a data breach, a company affected by the breach could sue the consulting agency for allowing their information to be compromised. In this case, third-party loss coverage would cover the consulting agency’s expenses, including: 

• Lawyers’ fees for representation: This is covered when a third party, such as a vendor or a client, experiences losses due to your failure to protect your systems from a cyber attack.
• Settlement fees or judgments: This covers costs when settlements are made in court as a result of a third-party claim.
• Miscellaneous court costs: This could include fines and penalties, court fees, etc. 

What Doesn’t Cyber Insurance Cover?

While cyber insurance can be very effective in protecting your business in the event of a successful cyber attack, some things might not be covered. Reviewing your policy in full before purchasing can help you to be prepared for the scenarios in which cyber insurance does not apply. 

Common Exclusions

• You are only covered in the event of a successful attack. Cyber insurance usually does not cover expenses related to a lawsuit due to security flaws identified not as a result of a breach. 
• Future profits lost as a result of a cyber-attack or data breach are not covered, only lost income during an interruption may be covered by insurance. 
• An act of war exclusion may prevent your cyber insurance from covering global, state-sponsored cyber attacks deemed warlike action.
• Costs related to upgrading security and data systems following an attack.
• Social engineering, or tricking people into giving access to data or funds, is not always covered by cyber insurance, though it is included in some plans. This coverage may require a specific or customized type of policy.

Cyber Insurance vs. Professional Liability Insurance

Professional liability insurance is a specialized type of insurance designed for professional industries, including financial institutions, legal firms, medical offices, engineers, and business consultants, among others. This type of insurance covers specific liability claims that may be brought against a business resulting from errors in its professional capacity. This includes lawsuits that contain claims such as misrepresentation, negligence, mistakes or oversights, and inaccurate information. These are common claims in the case of professional services in which a client is seeking professional advice, information, or counsel, and may claim that the services caused harm to themselves in some way.

While many businesses in professional industries collect and store sensitive information on a daily basis, professional liability insurance does not cover claims brought as a result of cybercrime or an online data breach. So, it is important for professional firms that also handle sensitive information to have both professional liability insurance and cyber liability insurance. 

Cyber Insurance vs. Crime Insurance

Crime insurance covers robbery, fraud, and theft by employees of your business. Even when you conduct a thorough interview and background screening process, there is still a risk of an employee stealing from, or causing harm to your business. 

While cyber liability insurance can protect in the event of theft or fraud, these two types of insurance cover theft or fraud by different culprits. While cyber liability insurance may cover losses for crimes committed by cybercriminals, crime insurance protects you in the event of crime at the hands of an employee of your business. 

The Benefits & Drawbacks of Cyber Risk Insurance

As with any investment that could protect or improve your business, there are benefits and drawbacks to consider before you make a purchase. Below, we’ve compiled a list to help you determine whether cyber liability insurance is the best choice for your business. 

Benefits of Cyber Liability Insurance

1. It protects your business in the ever-changing technology landscape. The world of technology is always growing and changing, and it has also become an essential part of doing business in the 21st century. Even as security measures become more advanced to adapt to changing technology, cybercriminals innovate new ways to cause data breaches and gain illicit access to sensitive, and valuable, information. 
2. It protects you against the expensive cost of a cyber attack. Cyber crime losses can be substantial, and in some cases, detrimental. This is especially true for small businesses without ready access to capital. Cyber insurance could save your business if a major data breach were to occur.
3. It covers costs for resources that may not otherwise be accessible. Cyber insurance coverage allows you to recover your business not just in losses caused, and fees or penalties incurred, but in public relations, crisis management, and call center resources that may not otherwise be feasible.

Drawbacks of Cyber Liability Insurance 

1. It may not always keep pace with the ever-changing landscape of cyber security. Although cyber insurance can protect you when security measures don’t keep up with new methods used by hackers, the specific coverages included within your policy may not always keep up with the coverage you need in light of new developments in the world of cyber security.
2. Cyber liability companies may not have fully grappled with how to address complicated scenarios. Compared to other well-established business risks, cyber security is an entirely new realm. The need for cyber insurance is still new, and as such, the companies are still developing how they can best provide coverage to their customers. Because of this, some cyber insurance companies are still figuring out how to best deal with complicated scenarios, such as how to respond to a state-sponsored cyber attack, which may have greater implications for the insurance company providing coverage.
3. Cyber insurance is one of many types of insurance that a business needs. There are many other types of insurance that are essential for businesses, so it may not always be financially possible for a business to take out another insurance policy, even with the potential benefits it could have in the event of an attack. 

Cyber Insurance Premiums

Cyber insurance premiums will vary greatly, both in cost and the frequency of charges. Each company will offer different coverage, which can affect how much they charge for their insurance policies. Additionally, some characteristics of your business can affect how much your monthly, bi-annual, or annual premium costs.

Continue reading to learn more about the cost of cyber liability insurance coverage and factors that influence that cost. 

How Much Does Cyber Insurance Cost?

The cost of cyber insurance can range greatly depending on several factors and your specific coverage needs. A 2019 report by AdvisorSmith looked at cyber insurance policies with a $1 million limit and $10,000 deductible for companies with $1 million in revenue. The average cost for this coverage was $1,485 per year or $124 per month. Of course, costs can range greatly depending on several factors.

Factors Affecting the Cost of Coverage

The cost of cyber liability insurance varies greatly because the types of businesses that require coverage also vary greatly. Coverage for a small business looks much different in size and scope than coverage for a large corporation with thousands of employees. 

Below, we’ve broken down some of the factors that might influence how much it costs to purchase cyber liability coverage for your business.

Industry

The higher the payout is expected to be when a cyber incident occurs, the more expensive your monthly premium will be for coverage. This is how the insurance provider anticipates the cost of a larger payout down the line. 

Because of this, industries that are more commonly impacted by cyber attacks, or that handle a disproportionate amount of sensitive information, may need to pay a higher premium for cyber insurance coverage. At the top of this list are financial firms, banks, health care organizations, and government agencies.

Additionally, if your industry requires specific coverage needs that are not covered in a standard cyber insurance policy, specialized or customized coverage will likely incur an additional cost.

Size of Business

By default, larger companies and corporations collect a much larger amount of sensitive data than small to medium-sized businesses. Therefore, the size of your business can increase the cost of your cyber policy. 

Additionally, larger companies have more employees, accessing data and information from work-issued devices, and sometimes even their personal devices. This provides many more access points that a hacker can compromise to gain entry into your network. This is another reason why larger businesses cost more to insure.

Amount and Type of Sensitive Data Collected

No matter the industry, if your business collects large amounts of sensitive data, you are susceptible to a cyber attack. The more sensitive data you store, the better target you are for a cybercriminal, and the cost of your monthly premium will reflect this.

Security Parameters in Place

In the same way that avoiding tickets and accidents can lower your car insurance rates, taking action to mitigate the risk of a security breach may also lower your premium for cyber liability insurance. 

Common cybersecurity precautions include requiring passwords to be updated on a regular basis, routinely updating software, requiring two-step verification for login, encrypting devices and networks, and installing firewalls and anti-virus software on work-issued devices.

Additionally, training your employees on cyber security and how to keep their devices secure will help. Some cyber insurance companies even offer access to training programs as a benefit of purchasing a cyber insurance policy with their company. Investment into education upfront can save major headaches later.

How Much Cyber Liability Coverage Do You Need?

Considering the potential costs of a cyber attack can be overwhelming, especially if you are not well-versed in the world of technology. This can make it difficult to accurately determine how much coverage your business really needs. According to a study conducted by Hiscox on small businesses with fewer than 250 employees, the average cost of a data breach was approximately $25,000, but the ranges were large.

That said, most small businesses choose to get policies with a $1 million per occurrence and a $1 million aggregate limit-an amount that is both affordable and sufficient to cover most small companies’ needs. Businesses in high-risk industries, like those discussed earlier, should opt for higher limits. Most insurers offer standard cyber insurance policies with limits up to $5 million.

Should your business require limits above what is typical, working with a broker to determine the exact amount of coverage necessary for your business is recommended. This process might involve a comprehensive security audit, which will help you understand your business’s specific risks, what you can do to improve security, high-priority areas for coverage, and the coverage amounts necessary to adequately mitigate any financial risks.

Comparing Cyber Insurance Carriers

As cyber threats have become an increasingly large risk for businesses, cyber insurance carriers have evolved and improved to serve their clients. Below, we’ve outlined some of the most important factors to consider when comparing cyber policies. No one insurance carrier or policy will serve every business well, so weigh the pros and cons of each cyber insurance policy as they relate to your business’s specific needs. 

Coverage Options & Policy Limits

Coverage options for cyber insurance have evolved over time, especially as the world went online during the pandemic, more companies are switching to remote work, and increasing amounts of sensitive data are stored online. For unique businesses, customizable coverage options, and flexible policy limits are important.

When comparing carriers, consider whether a company has seemed to update their options and policy limits recently, as this indicates their willingness to improve coverage to keep up with new technological developments that are bound to come. Also consider whether the company offers a one-size-fits-all cyber insurance package, or allows you to customize your coverage to best fit your business needs (and avoid paying for coverage and features you don’t need).

When considering policy limits, it is important to assess your company’s level of risk and the scope of costs that will need to be covered if a data breach occurs. This will vary greatly: a $1 million dollar limit will be adequate for a small business, while a major corporation could require up to a $500 million dollar policy limit.

Reporting Claims

Customer service is an important consideration when purchasing cyber liability insurance. If the time comes that a data breach has occurred and you need to report a claim, you will want top-notch services in your time of crisis. While some providers offer a 24/7/365 hotline to file a claim and report a breach at any time, other companies are only available during standard business hours. Some companies may require you to call to report a claim, while others offer online systems where you can log in and file a claim. This will give you greater access to information throughout the process, outside of communicating with a service representative on the other end of the line.

When considering the available options for reporting a claim, also consider the experience of those who will be helping you on the other end of the phone. Do they have cyber incident experience? Has the company trained them well to help customers during this type of crisis? Are they knowledgeable about businesses in your industry? Helpful and knowledgeable customer service is crucial in a time of crisis.

Premiums & Deductibles

Of course, it is important to shop around and compare prices when looking to purchase any insurance policy, and cyber insurance is no exception. Compare the pros and cons for each company as they relate to your specific business, and determine which company can provide the best value for the prices that they charge.

Additionally, consider how you might be able to lower your monthly premium as time goes on. Some companies offer lowered rates if your company completes cyber security training and workshops, or implements certain security parameters into daily practice. These measures make your company less susceptible to a data breach, and therefore, less of a financial risk to the insurance company.

Company Reputation

When shopping around for cyber insurance, be sure to read reviews online and get the opinions of others. While any company might have a few negative reviews, consistently poor ratings and reviews are a red flag, even if the company seems to be a more affordable option. 

Additionally, consider the longevity of the company, and its reputation in the news and with organizations such as the Better Business Bureau. These are major indicators of whether the business is truly dedicated to serving its customers when they need it most. 

Financial Strength

It is important for your insurance company to be financially secure, as you will require their services in times when your business may not be secure. It is absolutely crucial to be insured by a financially secure company that will be there to provide coverage and assist with your claim, no matter what comes. 

Well-established, long-standing insurance companies, and agencies with high ratings are often a safer choice. Look for a robust history of providing clients with adequate payouts in a prompt manner during crises. Rating agencies like Moody’s, S&P, and A.M. Best provide valuable insight into insurance carriers’ ability to meet their financial obligations.

Best Cyber Insurance Companies Overall

Below, we’ve provided you with our picks for the best cyber insurance companies, as well as more information about each company and their cyber insurance products. Because one company may not work well for all businesses, we’ve provided our picks for a variety of use cases and business types, in addition to our top pick overall.

Continue reading to find the company that will provide the best cyber coverage for your business. 

The Hartford (Best Cyber Insurance Overall)

The Hartford is a well-established insurance carrier with a wide variety of cyber coverage options for businesses of nearly any size or industry. Their experience, range of coverages, and high policy limits make them the best cyber insurance carrier overall. 

Coverage Options & Policy Limits

The Hartford offers cyber insurance coverage options from add-on coverage to standalone policies with limits up to $500M. 

For small businesses that do not require a large amount of cyber coverage, The Hartford offers data breach coverage added onto a business owners policy. They also offer three categories of cyber liability insurance, described in more detail below. Each is designed to serve a certain business size or industry.

To get a quote, you can fill out their form online. Businesses with under $50 million in revenue can work with a local agent, while businesses with over $50 million in annual revenue must work with a regional underwriter. 

Cyber Choice First Response 

Cyber Choice First Response is ideal for companies with revenue up to $100M annually and offers policy limits up to $2 million. Industries that are eligible for this type of coverage from The Hartford include retail, financial institutions, wholesale, construction, entertainment, professional services, transportation, utility and energy, hospitality, and manufacturing. 

This coverage option includes the following expenses that may be incurred as a result of a cyber incident: 

• Network restoration 
• Incident response 
• Customer notification 
• Fines and proceedings as a result of a cyber attack 
• Liability for data privacy, network security, and digital media. 
• Ransom payments 
• Losses due to business interruption 

Additional optional coverages include: cyber crime (fraudulent funds transfer, phishing attacks, and other social engineering attacks), bricking loss (the cost to restore or replace hardware and servers if functionality is lost due to a cyber incident), reputational loss, and system failure.

Cyber Choice Secure 

Cyber Choice Secure is ideal for companies with revenue over $100M annually and offers policy limits up to $500M for primary coverage and up to $1B for excess coverage. This coverage uses a broad definition of Personally Identifiable Information, and covers business interruption losses for a 24-month period and cyber deception and telecommunication losses.

Cyber Insurance Professional -Technology 

Cyber Insurance Professional – Technology offers coverage specific to tech companies, which often require specialized insurance products due to large amounts of sensitive data. This coverage offers one single policy that includes technology and media liability coverage, cyber coverage, and professional services liability coverage. The policy limits are up to $500M for primary coverage and up to $1B for excess coverage. 

Companies eligible for this type of policy offered by The Hartford include telecommunications, social media, information technology, data entry and processing, and more. 

Reporting Claims 

Standalone cyber insurance policyholders will have access to the Hartford’s 24/7 cyber incident hotline so that they can report a cyber incident at any time and receive specialized assistance to respond to the situation quickly.

Company Reputation 

The Hartford has been in existence for over 200 years. The company began in 1810 as a fire insurance company, expanding its coverage options over time. It is a Fortune 500 company known best for its partnership with AARP Auto Insurance and specialized business insurance coverages.

Financial Strength 

Each of Hartford Financial Services Group’s syndicates received an A+ or A rating from A.M. Best, and A+ ratings from S&P, which means they are highly reliable in their ability to settle claims.

A combination of excellent policy offerings, 24/7 claims reporting, and strong financials make The Hartford our pick as having the Best Cyber Insurance Policies Overall.

Progressive (Best Cyber Insurance for Small Business)

Progressive offers a variety of personal and commercial insurance products, including cyber liability insurance for businesses. They offer the option to get a quote online or speak with an agent to get a quote and learn more about their coverage options. Because of their variety of insurance products, business owners have the option to get many of their insurance needs covered in one place. 

Coverage Options & Policy Limits

Progressive offers both first party and third party cyber coverage through their cyber liability plans. These are two basic, but essential, components of a cyber insurance plan for small businesses. Here are some of the items covered: 

First Party Coverage: 

• Expenses related to a data breach or computer attack 
• Ransom payments 
• Lost income due to business or network income 
• Cost to recover lost or stolen data 
• Identity recovery 

Third-Party Coverage: 

• Legal and settlement costs if you are held liable for a cyber incident 
• Legal and settlements costs for lawsuits related to failure to product client’s or partner’s sensitive information 
• Media liability: Copyright infringement, defamation, violation of privacy, etc. 

For smaller businesses that need less cyber coverage, but still want to be protected in the event of an attack, Progressive offers the option to add cyber coverage to a business owners policy (BOP). 

Progressive does not offer technology errors & omissions coverage through their cyber insurance policies. This is sometimes offered through cyber insurance plans designed for technology companies and protects the insured in the event that their product or service fails to protect against a cyber attack or contains a weakness that allowed a successful cyber attack to occur. For businesses in need of this type of coverage, a cyber or professional liability insurance plan designed for tech companies may be a better fit.

Reporting Claims 

Progressive allows you to report a claim online or by calling 1-800-444-4487, which is available 24/7. However, because their focus is on auto insurance, when compared to other carriers, their customer service experts may be more experienced in responding to auto claims than business and cyber liability claims.

Company Reputation 

Progressive was founded in 1937 when it introduced the first drive-in auto claims location and is still best known for its auto insurance today. Throughout its 70-year history, they have grown to offer a range of personal and commercial coverage.

Financial Strength 

Progressive reports strong financials based on its credit and financial ratings. A.M. Best rated Progressive A+ Superior, while S&P assigned an AA rating and Moody’s assigned an Aa rating.

Progressive offers straightforward cyber insurance policies at a reasonable price. Additionally, the Progressive Advantage Program allows small businesses to shop for coverage across a broad range of insurance products in a single place (while securing multi-line discounts). For these reasons, we recommend Progressive as having the Best Cyber Liability Insurance for Small Business.

biBERK (Best for Add-On Coverage) 

Many small businesses may require cyber liability coverage due to handling sensitive customer information, but they may not need a full standalone policy. biBERK allows business owners to purchase general, professional, or business owners insurance and add on cyber coverage through a streamlined online process. Their focus on cyber insurance as an add-on coverage to a variety of policies makes biBERK our pick for the best add-on coverage. 

Overview 

As mentioned previously, small businesses are an increasingly popular target for cybercriminals due to their vulnerability and lack of advanced security measures. biBERK offers cyber insurance add-on policies with small businesses in mind. You can get a quote for their business insurance with added-on cyber coverage online or over the phone. 

Coverage Options & Policy Limits

biBERK cyber rider includes coverage for costs related to a hacked system or data breach, incident response (i.e. credit monitoring, case management for identity restoration, etc.), and legal defense. biBERK cyber coverage offers limits up to $1M, which is adequate for many small to midsize businesses that handle sensitive data.

Reporting Claims 

biBERK allowed clients to submit claims online or contact customer service via phone. The company’s exclusive focus on business insurance goes a long way with regards to customer satisfaction in the event of a claim.

Premiums and Deductibles 

According to their website, biBERK estimates the base cost of coverage for a small business is often between $85 and $200 annually. Their premiums are determined by business activity, policy limit, and deductible.

Company Reputation 

biBERK is part of Berkshire Hathaway Insurance Group, a company that has 75 years in the insurance industry and $38 billion in paid claims in 2020. They have a rating of 4.25 out of 5 with the Better Business Bureau. 

Financial Strength 

A.M. Best affirmed an A++ rating for Berkshire Hathaway Homestate Insurance Company in January 2020, with a stable outlook. This rating, as well as the company’s history and reputation, indicates a well-established and financially secure company.

For business customers looking for lightweight cyber insurance to quickly add on to an existing small business policy, biBERK is an excellent choice.

State Farm (Best Cyber Liability Insurance for Individuals)

State Farm is a well-known insurance company that offers auto, homeowners, renters insurance, and more. State Farm also offers identity restoration insurance as an add-on coverage to an existing homeowners or renters insurance policy. While most cyber-related add-on policies for individuals only include identity theft insurance, State Farm goes beyond this coverage to offer cyber-attack coverage as well, making it the best cyber coverage choice for individuals.

Coverage Options & Policy Limits

State Farm’s identity restoration rider includes coverage for cyber attacks, cyber extortion, credit monitoring, and fraud loss-coverage typically only made available to businesses from other carriers. This includes covering expenses related to data recovery and system restoration, providing professional assistance in the event of a cyber extortion incident or ransom demand, assigning a case manager in the event of identity theft, and more. This added-on coverage includes a standard annual limit of $15,000. However, the expense reimbursement limit for identity restoration costs is up to $50,000 annually.

Reporting Claims 

State Farm allows you to file a claim online, or call 800-732-5246. Their claims filing process encompasses all of their insurance products, so the employees assisting you may not be experts on cyber coverage or cyber-attacks. 

Premiums and Deductibles 

The annual premium for identity restoration insurance added onto a State Farm homeowners or renters policy is just $25 per year. If an incident occurs, the deductible will be $500. 

Company Reputation 

State Farm is best known for its auto and homeowners insurance policies. They have positive reviews overall: however, some reviews indicate their prices may be higher than other carriers.

Financial Strength 

State Farm’s credit and financial ratings indicate stability. A.M. Best rated State Farm A++ for their “superior financial condition and operation performance.” They received an S&P rating of AA for “strong claims-paying ability.”

Because State Farm makes cyber coverage available to its individual customers that is typically reserved for business clients with other carriers, we recommend State Farm as the Best Cyber Insurance Company for Individuals.

Chubb (Best Cyber Liability Coverage for Enterprise)

Chubb is an experienced cyber liability insurance provider with products designed for major industries and companies of all sizes. Their stable financial history and customizable insurance plans make them the best coverage choice for enterprise companies.

Overview 

Chubb introduced its first cyber/technology coverage product in 1998 and has been a highly-rated cyber insurance provider for nearly 20 years. They offer multiple types of cyber coverage, detailed below.

Chubb introduced a new endorsement to their cyber coverage in 2021. This is a good sign that this company is well-established, yet looking towards the future to continue to protect its client in an ever-changing technological landscape. Its new endorsements include coverage for widespread events, ransomware encounters, and exploitation of neglected software. 

Coverage Options & Policy Limits

Cyber Enterprise Risk Management (ERM)

Chubb’s Cyber ERM coverage includes both first and third-party coverage that a business might need in the event of a cyber attack. This is their standard cyber liability insurance coverage, with additional endorsements available.

DigiTech ERM

DigiTech ERM is Chubb’s cyber insurance coverage for businesses in the technology sectors. The primary feature which separates this coverage from Cyber ERM is Technology Errors and Omissions coverage. This covers financial losses incurred by a third party as a result of a product or service provided by the insured. Target industries for DigiTech ERM include data processing, software development, application services, and consulting/integration of computer hardware and network systems.

Integrity+ by Chubb

Integrity+ is Chubb’s customizable modular cyber coverage, ideal for larger firms in life sciences, manufacturing, and technology. This coverage plan allows clients to select from four coverage options, customizing their policies to best fit their needs. The four available coverages include: 

• Errors and Omissions Liability 
• Destructive Programming Liability 
• Cyber Liability 
• Disclosure of Confidential Information, Intellectual Property (IP) Infringement, and Reputation Disparagement

Reporting Claims 

Chubb offers 24/7 service for cyber claims reporting through their Chubb Cyber Alert mobile app, or via email. They also offer a worldwide cyber incident response hotline to report claims over the phone anytime.

Financial Strength 

Chubb is a well-established company with stable financials. Fitch Ratings assigned Chubb National Insurance Company an AA rating with a stable outlook. They have also received an AA rating from S&P and A++ rating from A.M. Best.

As a global firm focused on delivering highly customizable insurance products for firms of any size, Chubb is our top pick for offering the Best Cyber Insurance Policies for Enterprise Customers.

References

• https://csrc.nist.gov/glossary/term/cyber_attack
• https://www.mass.gov/service-details/know-the-types-of-cyber-threats
• https://ung.edu/continuing-education/news-and-media/cybersecurity.php
• https://www.idtheftcenter.org/post/identity-theft-resource-center-2021-annual-data-breach-report-sets-new-record-for-number-of-compromises/
• https://www.hhs.gov/answers/hipaa/what-is-phi/index.html
• https://www.wgu.edu/blog/6-industries-most-vulnerable-cyber-attacks2108.html#close
• https://www.thehartford.com/business-insurance/claims-made-vs-occurrence
• https://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notification-laws.aspx
• https://carnegieendowment.org/2020/10/05/war-terrorism-and-catastrophe-in-cyber-insurance-understanding-and-reforming-exclusions-pub-82819
• https://www.aig.com/business/insurance/management-liability/crime-and-financial-institution-bonds
• https://www.ftc.gov/system/files/attachments/cybersecurity-small-business/cybersecuirty_sb_factsheets_all.pdf
• https://www.hiscox.com/articles/average-annual-cost-cyber-attacks-us-small-business-25k-reveals-hiscox