Automatic Cyber Liability Insurance Cover

AUTOMATIC CYBER LIABILITY INSURANCE COVER

 

If your organisation has a turnover less than £20m, it will receive automatic Cyber Liability Insurance cover when it achieves the basic level of Cyber Essentials across their whole organisation.

£25,000 limit of indemnity

You will receive up to £25,000 indemnity covering:

Event Management

Costs to engage Legal, IT Forensics, Data Restoration, Reputational Protection, Notification Costs and Credit and ID Monitoring services following an actual or suspected breach of personal or corporate information, an IT security or system failure.Data Protection Obligations

Insurers will pay:

  • Defence Costs in respect of a Regulatory Investigation, and;
  • Any lawfully insurable Data Protection Fines that the Company is legally liable to pay in respect of such Regulatory Investigation with regards to a breach of Data Protection Legislation

Liability

Damages and Defence Costs arising from:

  • An actual or alleged breach of data
  • An actual or alleged security failure
  • The failure to notify a Data Subject and/or any Regulator of a breach of personal information in accordance with the requirements of Data Protection Legislation
  • An actual or alleged breach of duty by the Information Holder in respect of the processing information (for which the Company is responsible) on behalf of the Company

A  major breach may well require more than the £25,000 cover. Higher limits of indemnity and extensions to the cover are available on request.

The cover is underwritten by AIG and brokered through Sutcliffe & Co.

 

Visit our Cyber Essentials page to find out how to take your first steps to certification.

 

CYBER LIABILITY INSURANCE COVER - FREQUENTLY ASKED QUESTIONS (FAQ)

If you suffer a data breach, hack or other cyber incident you should immediately contact the 24 hour helpline listed on your insurance schedule. The policy will provide crisis management and incident response services appropriate to your circumstances. Do not delay in reporting the incident as this could jeopardise the claim.

Remember to keep a paper copy of your insurance schedule as you may not be able to access an electronic copy in the event of a data incident.

The insurance is provided by AIG. In the event of a claim they will appoint their specialist consultants to assist and advise you.

The name of the company insured is on your insurance schedule and should correspond with the company that has successfully been certified.

Your policy provides the following:

  • Event Management – Legal, IT Forensics, Data Restoration, Reputational Protection, Notification Costs and Credit and ID Monitoring services following an actual or suspected breach of personal or corporate information, an IT security or system failure
  • Data Protection Obligations – Insurers will pay Defence Costs in respect of a Regulatory Investigation, and any lawfully insurable Data Protection Fines that the Company is legally liable to pay in respect of such Regulatory Investigation with regards to a breach of Data Protection Legislation
  • Liability – Damages and Defence Costs arising from: An actual or alleged breach of data, an actual or alleged security failure, the failure to notify a Data Subject and/or any Regulator of a breach of personal information in accordance with the requirements of Data Protection Legislation, an actual or alleged breach of duty by the Information Holder in respect of the processing information (for which the Company is responsible) on behalf of the Company

The insurance provided with certification gives you a £25,000 limit of indemnity. If you require a higher limit contact [email protected] or call 01905 21681.

For additional cover or higher limits of indemnity contact [email protected] or call 01905 21681. Additional options include payment of ransoms / extortion, business interruption / loss of revenue, phone phreaking, social media, outsourced service providers and invoice fraud.

The cost of additional covers will depend upon what cover you want, the limit of indemnity you require and the nature of your business. To discuss options contact [email protected] or call 01905 21681.

Full details of what is and is not covered can be found in your policy wording. Some of the things that are not covered include: Business Interruption, Phone Phreaking, Outsourced Service Providers, Social Media, Ransoms and money that may have been stolen from you or defrauded from you. If you would like insurance to cover these aspects please contact [email protected] or call 01905 21681.

If you already have cyber insurance the policy provided with your certification becomes inoperative. There is no refund or discount.

Only companies domiciled in the UK are eligible for the insurance. UK subsidiaries may be considered, contact [email protected] or call 01905 21681.

The policy starts from your certification and lasts 12 months, the exact dates will be on your insurance schedule. If you wish to maintain your insurance beyond that date you will need to renew your Cyber Essentials certification with IASME or one of their CBs. If you do not renew your certification then you may purchase Cyber Insurance from your insurance broker or Sutcliffe & Co; contact [email protected] or call 01905 21681.

The policy starts from your certification and lasts 12 months, the exact dates will be on your insurance schedule. If you wish to maintain your automatic insurance beyond that date you will need to renew your Cyber Essentials certification with us.  Of course, you can also choose to purchase Cyber Liability Insurance elsewhere when your cover elapses.

When you complete the Cyber Essentials assessment there is an option to opt out of the insurance. This does not affect the cost.

Being compliant to Cyber Essentials has been shown to significantly reduce the likelihood and severity of a data breach however, the risk still remains, especially if there is an accidental or deliberate internal breach or a concerted external attack. The presence of cyber insurance will provide vital incident response services and costs in your hour of need. The insurance provided with certification gives you £25,000 limit of indemnity so you may want to purchase a higher limit of cover in case you suffer a severe breach.