What you need to know about cyber security insurance

What you need to know about cyber security insurance

Cybercrime around the world costs something in the region of £265 billion per year, according to a recent report from Centre for Strategic and International Studies (CSIS) and McAfee. In the UK last year, some 93 per cent of larger companies reported a  security breach of some kind, whilst around 87 per cent of small business were also hit by cybercrime. The accumulated cost to a corporation over the year went as high as circa £1.4 million, whilst for an SME the cost could go above £60,000.

In this context, companies are increasingly seeking some kind of fallback in the form of insurance. According to industry blogger Geoff Standbridge, cyber security has matured since policies first began appearing in the early 2000s. He wrote:

“Cyber Insurance is a much more established market with more carriers now looking to provide the appropriate cover for businesses of all sizes who are now beginning to see Cyber Insurance more as a mandatory purchase rather than discretionary.”

If you are considering buying a cyber security policy for your business, then here are some points to look out for:

Two main types

As with many standard insurance policies (motoring in particular), there are broadly two types available: first and third party. First-party policies broadly cover for the direct impact of cybercrime on your business, and ultimately yourself. A third party policy will go further, covering you for claims made against you by your customers – in other words, helping you cover for the damage inflicted on others by an incident.

First-party cover examples

First-party cyber insurance will cover your own property, but it must be stressed that ‘property’ in this context covers digital assets, such as database records, as well as physical materials such as data CDs and backup tapes. Your business will also be protected against cyber extortion (or blackmail); reputational damage; the stealing of money, or theft of valuable equipment.

Third-party insurance, on the other hand, will help cover your customers, in the event of, for instance, breaches of privacy and security. Also covered will be the expense of notifying customers and loss of customer data, including paying out compensation in certain circumstances.

There’s usually a cover limit of around £1m – £5m, with £10m pounds being available in rare cases (according to the Association of British Insurers).

The ups and downs of cyber insurance

However, it’s worth bearing in mind that cyber insurance is still quite a young industry, and in one report by the CIO Journal, the difference between the US and UK markets have been noted:

“The cybersecurity insurance market is more mature in the US than in the EU, primarily because of US states’ mandatory data-breach-notification laws.”

It’s also been suggested that the trade-off between pay outs and premiums is not sufficiently tempting for a number of UK businesses, and they remain reluctant to adopt cyber insurance.

In conclusion, this latter concern in particular could be resolved by clear wording (already in evidence from some of the big players in the industry), and up-front communications from the insurance companies, so any potential client will know exactly what they are getting from the outset.

Our accreditations & Partners

  • REC Member
  • VTC - Virtual Technology Cluster
  • RANT Events
  • Bloom Nepro
  • YPO
  • Crown Commerical Service
  • Disability Confident
  • ISO 9001
  • Armed Force Covenant
  • Cyber Essentials Plus
  • ISO 27001





Thank you for signing up to the acumin alerts.

Send CV

Send us your CV and have our recruiters match you to the ideal opportunities

Do you already have an account with us?

Log in

Want to have an account with us?


Want to just send us your CV?

Upload only doc, docx, odt, pdf format file.

By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.

Password reset

If you need a reminder for your password, fill out the field below

Log in

Access your account to edit your contact details, job alerts or to upload a new CV

Thank you


Thank you for successfully uploading your CV.

Acumin Alerts


Thanks for registering for Acumin alerts.

Acumin Alerts

Unfortunately your CV could not be uploaded

Please make sure your CV is one of the following file types: doc, docx, odt, pdf, rtf

Acumin Spam

Unfortunately your submission has been declared spam. Please try again.



Thank you for submitting your vacancy.


Create an account to register your contact details, sign up for job alerts and upload your CV


Thanks for registering for Acumin alerts. To get the most out of Acumin's service why not register with us?

Upload only doc, docx, odt, pdf format file.
- Practitioner
- Commercial

I agree to the terms and conditions and to be contacted by recruiters:

I agree to receive marketing communications relevant to my job search:

I agree to receive Jobs By Email for the following professions:
- Business Continuity Management
- Counter Fraud
- Cyber Security
- Executive Management
- Governance & Compliance
- Information Security & Risk Management
- Penetration Testing & Digital Forensics
- Sales and Marketing
- Sales Engineering
- Security Management
- Technical Security
- Information/Risk Assurance
- Identity Management
- Application Security
- Security Architecture
- Dev/Sec Ops
- DV & SC Cleared Jobs
- Programme & Project Management

Submit a Vacancy

Use the form below to submit a vacancy