What is cyber insurance?

ProviderFeaturesCommentLearn more
cfc 5 Cyber incident response costs
Cybercrime
System damage
Media liability
Court attendance costs
CFC is a pioneer in the emergency risk sector. Its offers are complete, very attractive for any company that needs to be covered in case of cyber attacks and provide coverage up to $10 million. CFC is a trustworthy firm, and highly recommended.Learn mo

Recommended for small businesses
Hacker damage
Insider threats
Cyber deception
Reputation damage
Lost business income
Cyberboxx has a great reputation for reactivity. Its offers cover all the major risks linked with cyber attacks. We recommend Cyberboxx, especially for small businesses.Learn more
cyberboxx Stolen funds
Ransomware recovery
Cyber extortion
Lost business income
Breach response cost
Coalition already helped many firms of any size that were victims of digital attacks/failure. Well known for its efficient customer service, Coalition also offers comprehensive coverage in case of losses due to cyber-attacks. Learn more

Are you a business owner in Canada who digitally stores customers' personal information? This could include social insurance numbers, addresses or even financial information. If so, you are at risk for potential data breaches and hacks putting your customers' information at risk.

In 2021 alone, the average data breach costs climbed from $3.86 million to $4.24 million (according to a study published by IBM and conducted by the Ponemon Institute). Does your organization have coverage that can protect it from such costly losses? Cyber insurance can help minimize losses related to breaches. 

Our guide will explain what cyber insurance is, how it works and how it can protect your business from losses and potential lawsuits stemming from cyber hacks.

What is cyber insurance?

Cybersecurity insurance, also referred to as cyber insurance, cyber risk insurance and cyber liability insurance, is a business insurance product that enables businesses to mitigate the risk of cybercrime activity like cyberattacks and data breaches. It protects organizations from the cost of internet-based threats affecting IT infrastructure, information governance, and information policy, which often are not covered by commercial liability policies and traditional insurance products. 

Data breaches are unfortunately becoming increasingly more common, and cyber insurance protects firms from risks related to holding customer data. Data breaches can be anything from an employee leaving their computer unlocked, allowing for an unauthorized person to access customer data, to something much larger. You may have heard recent news stories about countries hacking banks and even government offices. 

Cyber insurance coverage works the same way as businesses would purchase insurance against physical risks and natural disasters. It covers the losses a business may suffer as a result of a cyberattack.

Is your business vulnerable to a cyber attack? You can compare business insurance providers in seconds and protect yourself today.

Get cybersecurity coverage today

Compare leading business insurance providers

Why do I need cyber insurance?

In March 2021, CNA Financial, a major insurance company in America, experienced a ransomware attack. This resulted in CNA negotiating a $40 million deal with the hackers. Attacks like this call for cyber insurance solutions to prevent similar financial crises.

Another damaging cyberattack occurred in Canada. Newfoundland and Labrador's health network experienced a security breach, one of the worst to happen in Canada. Similar attacks on health systems and other sensitive businesses are becoming shockingly common.

Electronic data loss or theft can lead to customer loss and decreased revenue. Customers may hold you legally and financially accountable for losses following the theft of third-party information. For example, if a customer's private information is stolen from one of your systems and then used to steal that person’s identity causing either physical or financial consequences, the customer could turn around and sue your business for negligence in protecting their data.

Cyber liability insurance is essential for your company to protect itself from cyber incidents. It can help your firm handle business interruption, legal fees, public relations charges, forensic inquiries and costs from legally mandated notices. 

Good to know

Did you know cyber insurance policies first started in the 1990s? They covered errors in online media and data processing.

What types of cyber insurance are there?

When determining what type of cyber insurance would best suit the needs of your business, you may notice there are a few different types of products available. 

TypeWhat it covers
First-partyThis policy protects you from the financial impact your company could experience. Some of its insurable events are:

  • Malicious destruction of your data
  • Accidental destruction of your database by an employee
  • Wiped out business server during a power surge
LiabilityLiability coverage can be privacy or media liability.
Privacy liabilityMost businesses, especially those with information or privacy risks, should have liability coverage. Breaches or violations of sensitive client or employee data could put the affected people and your company at risk.

Privacy liability coverage protects your business from liabilities from a cyber event or violating privacy legislation. These could include legal expenses and paying settlements.
Media liabilityThis type of cyber attack insurance covers any violation of intellectual property (except patent infringement) that occurs while advertising your services.

It applies to online and printed advertising and is inclusive of social media posts.
Technology Errors and OmissionsA cyber-attack might prevent you from meeting contractual commitments and providing services to your clients. This insurance policy protects you against claims resulting from below-standard delivery of your services.

Should charges of negligence or breach of contract arise, E&O coverage is what you need. It can handle legal defence expenses and indemnity in event of a lawsuit or disagreement.
Types of cyber insurance

What does cyber insurance cover?

Cyber insurance policies cover loss, damage or theft of electronic data after a cyber attack. They also cover first and third-party costs that follow data breaches.

First-party refers to the affected business, and its cover includes:

  • The cost of recovering lost data and restoring computer systems 
  • Lost income from shutting down the business
  • Charges spent in the course of examining the cybercrime
  • Reputation management
  • Money hackers extorted
  • The costs of notifying affected third-parties

Third-party coverage includes those which accompany claims made against you, such as:

  • Legal fees you spend to shield yourself from claims of General Data Protection Regulation (GDPR) violations
  • Damages and settlements 

Try our comparison tool to ensure you choose the most affordable policy with the widest coverage.

Get cybersecurity coverage today

Compare leading business insurance providers

What does cyber insurance not cover?

Cyber insurance will generally exclude the following:

  • Security maintenance errors: Before an insurance company grants your claims, your company must satisfy minimum security requirements.
  • Lost or stolen portable electronics: Cyber insurance does not cover lost or stolen devices. However, some firms could adjust your policy if you encrypted these gadgets.
  • War, terrorism and invasion: Any harm caused by government-sponsored groups might be exempt from coverage.

How much cyber security insurance do I need?

A small tech firm in Canada will generally purchase a cyber liability insurance policy with a $1 million policy limit. It will also get a $1 million limit for each breach, with a $1,000 deductible per claim (remember: a deductible is an amount you have to pay out of pocket before the insurance will pay out.).

The quantity and scope of cyber insurance you need will depend on the size of your company and how risky your business is. To know how much cyber insurance you will need, you should first assess factors related to your company. 

If you own a trucking company that delivers lumbar to homebuilders, you may not need a large or comprehensive cyber insurance policy, whereas an accountant or doctor's office would. The nature of their businesses means they store lots of sensitive information about their customers.

How much does cyber insurance cost?

In Canada, the price for cyber insurance begins at around $550 per year. Companies holding financial data or healthcare information can expect to spend $1,000 per year or more. Your total premium will depend on the type of business you have and the amount of insurance you deem necessary to protect your business against potential data breaches.

The cost differs between provinces as well. To get a personal quote start with our cost comparison tool and then speak with a broker to find the best coverage for you.

Get cybersecurity coverage today

Compare leading business insurance providers

What kinds of businesses need cyber security insurance?

Every business, no matter how big or little, presents a prospect for a cybercriminal to make money.  According to the Canadian Centre for Cyber Security, the average cost of a data breach in Canada is $6.35 million per breach. The average cost of a ransomware attack, including payout and recovery, was $2.3 million in 2021 more than doubling from 2020. Just one cyberattack could leave the business in financial ruin.

Cyber insurance policies are essential to companies that use computers or store electronic data. As businesses continue embracing digital operations, cyber insurance should become widespread.

What types of cyberattacks exist?

A cyberattack occurs when a person or group tries to break into another person's or company's information framework on purpose and maliciously. While most assaults have a financial motive, several recent attempts have shown data destruction can be a sole objective.

There are different kinds of cyber security attacks, and they can be quite technical. Our table will give you an overview of a few potential threats.

TypeWhat kind of threat they pose
MalwareThis refers to various threats such as spyware, viruses and worms. They install themselves when a user opens an infected link. This malware exploits a weak spot to infiltrate a network.
PhishingIt entails sending deceptive emails to unwitting recipients. They appear to be from a reliable source but instead redirect the receiver to an attacker’s website or a harmful file or script. This grant hackers access to your network or trick you into divulging your password or other sensitive information.
Man-in-the-middleThis attack occurs when a hacker inserts himself between a two-party online transaction. Attackers can then manipulate or steal data.
Denial-of-service (DoS) AttackHackers execute this by flooding servers, systems or networks with enough traffic to overload them. This can render a service temporarily unavailable to users and prevent the system from processing legitimate requests.
SQL InjectionsThis is an attack that inserts malicious code into a server with a database language called server query language (SQL).
Types of cyberattacks businesses can face

Unfortunately, there are many ways that electronic systems are attacked. Other types of cyberattacks include rootkits, internet-of-things (IoT) attacks, password attacks and cross-site scripting.

How can I protect my business from cyberattacks?

Just like with protecting your business's physical property, there are steps you can take to protect your business from cyberattacks. We recommend the following steps to make sure you are as protected as possible:

  • Back up your data in multiple places and do so often.
  • Train your staff to be wary of cyberattacks. 
  • Set up secure passwords on your devices and networks.
  • Keep your systems up to date.
  • And finally, purchasing cyber insurance in the event you are attacked.

Not sure which cyber insurance provider to pick? Our comparison tool can help you decide.

Get cybersecurity coverage today

Compare leading business insurance providers
An expert will respond
Your name is required
Comment's content is required.