What is Covered?


Database (Cyber) Insurance goes beyond traditional insurance coverage to address most every aspect of a data breach including third-party liability, notification, credit monitoring and reputation management.

Coverage provided can include: A minimum of a $1,000,000 Policy Aggregate Limit

Privacy Liability

Third Party coverage in response to the loss of Personally Identifiable Information (PII) in computer data, hard copy form and the liability arising from failure to comply with state and breach-notice laws. Coverage is also for failure to comply with the insured’s privacy policies.

Computer Information Security

Third party coverage in response to unauthorized access, theft of or destruction of data, denial of service attacks and virus transmission involving the insured's computer systems resulting from a computer security breach.

Electronic Media Liability

Covers display of electronic media (content) on the insured's website; and extends to many internet-related exposures including advertising injuries that are not covered or normally excluded under many of today's General Liability policies.

Ransomware/Cyber Extortion/Phishing Attacks:

Coverage is available for payments of Ransom/Extortion demands. This coverage is incredibly important when businesses are not able to operate due to their network being locked down (Extorted). This is meaningful for companies who rely heavily on their computers and networks.

First Party Coverage from Loss due to Network Security Breaches

Optional coverage endorsement available for destruction and loss of data as well as network business interruption and cyber extortion caused by failure of computer security to prevent a security breach.

  • Breach response services can be provided outside the aggregate limit of liability
  • Forensic and legal assistance to help determine the extent of the breach and the steps needed to comply with applicable laws
  • Notification provided on a number of affected individuals basis, not a capped dollar amount, to persons who must be notified under applicable law or those who are determined to be subject to risk of financial, reputational or other harm
  • Notified individuals receive an offer credit or identity monitoring
  • Identity theft-related fraud resolution services for individuals enrolled in credit monitoring who become victims of identity theft
  • Additional insuring agreement providing for indemnification of Payment Card Industry (PCI) fines and penalties, resulting from non-compliance with published PCI data security standards
  • Regulatory defense and penalties
  • Public relations and crisis management expenses

Loss control information service provided with each policy, including compliance and breach response information, email alerts of key legal and regulatory developments, and expert on-line support for client questions on data security issues

This coverage is only available through IT Risk Managers, a licensed insurance broker in 48 contiguous states. However, coverage may not be available in all jurisdictions. The exact coverage afforded by the product described herein is subject to and governed by the terms and conditions of each policy issued. Limits discussed are only for discussion purposes and the exact limits offered will be as stated in the policy. The publication and delivery of the information contained herein is not intended as a solicitation for the purchase of insurance. The descriptions contained in this communication are for preliminary informational purposes only.