Cyber Liability Insurance: A Quick Rundown from Distinguished

In 2023, the largest risk to global business wasn’t supply chain issues, energy shortages, or climate change — it was cybercrime. Cybercrime has quickly become a global menace for businesses that will cost companies an estimated $9.22 trillion in 2024. 

Due to this growing vulnerability, it’s more important than ever that businesses and organizations protect themselves with comprehensive cyber liability insurance. This kind of insurance will help companies and organizations not only survive the costs of cybercrime but also prepare them with the tools they need to minimize these threats. 

In this guide, we’ll explain the basics of cyber liability insurance, including what it is, who needs it, what it covers, and more. This way, you can help all of your clients get the comprehensive cyber liability insurance their business or organization needs to protect their online data. 

What is Cyber Liability Insurance?

Cyber liability insurance is a comprehensive insurance package designed to give businesses and organizations all the coverages and tools to overcome the costs of cybercrime. This includes insurance that covers all kinds of cybercrime-related costs, such as lawsuits, notification costs, and PR. 

Cyber insurance also gives organizations the tools they need to mitigate the costs of cybercrime. For instance, Distinguished’s Cyber Liability Coverage includes access to a specialized breach response team that can help diagnose where the data leak is in your system so the scope of the damages is narrowed as much as possible. 

Who Needs Cyber Insurance? 

Any organization that keeps private information on a device connected to the internet should invest in cyber insurance.  

This can include: 

  • Restaurants 
  • Hotels 
  • Resorts 
  • Community associations 
  • Condominium associations 
  • HOAs 
  • And more 

Although any business with a digital presence should have cyber insurance, the hospitality industry is especially vulnerable. Businesses like restaurants and hotels deal with large numbers of clients and often process payments through online portals or with credit and debit cards. Compared to other industries like finance, they’re less likely to have robust security protocols or training. All of this makes hospitality targets favored victims of cybercriminals. 

Another growing target of cybercrime is community associations. HOAs, co-ops, and others usually rely on outdated technology and volunteers. However, their systems can contain very valuable information like addresses, names, and SSNs. For this reason, our insurance experts are urging all community associations to include cyber liability coverage in their insurance packages. 

Why Do Organizations Need Cyber Insurance?

All kinds of businesses and organizations need to consider cyber liability insurance because these attacks are becoming more expensive and more common. Here are some eye-opening statistics that highlight the importance of cyber insurance for organizations: 

  • According to recent studies by IBM, the worldwide average cost of a single data breach reached a staggering $4.45 million in 2023. This represents a significant 15% increase in just three years, underscoring the growing financial impact of cyber incidents on businesses. 
  • More than half of all companies worldwide have fallen victim to at least one cyberattack within the past year.  

For these reasons, it’s crucial that organizations get comprehensive cyber liability insurance, as many cannot survive this kind of expense without some form of insurance backing them up. 

What Does Cyber Liability Insurance Cover? 

Cyber liability insurance covers the majority of costs related to cybercrime. This includes direct costs, such as those from ransoms , but also indirect ones, like paying for brand protection. 

At Distinguished, our Cyber Liability Insurance program also provides both first-party and third-party coverages. With first-party cybercrime liability, your clients will get coverages designed to cover costs when their own systems are compromised. With third-party cyber liability, they get coverage if third parties sue your clients after a data breach on your client’s system. 

Here are just some of the costs your clients can expect to have covered when they get cyber liability insurance from Distinguished:  

  • Cyberattack costs: Direct costs associated with being the victim of a cyberattack, including theft of funds, extortion, and phishing schemes 
  • Response costs: Costs associated with responding to a cyberattack, including forensic, legal, and privacy breach management costs 
  • System costs: Costs associated with repairing systems after an attack 
  • Business interruption: Costs of a business being put on hold due to the attack 
  • Media costs: PR expenses to help protect a brand after a breach 
  • Liability costs: Legal fees and regulatory fines caused by an attack 

If you have any questions about what coverages are included in our program, feel free to reach out to one of our insurance experts for more details.  

What Doesn’t Cyber Liability Insurance Cover? 

Although cyber liability insurance will cover the vast majority of expenses that result from a cyberattack, there are some major exceptions. Here are some of the main things cyber liability insurance won’t cover for your clients:  

  • Hacks by foreign governments or terrorists: Most policies will not cover businesses if these kinds of state actors are behind the attack. 
  • Betterments: Most policies won’t cover the costs of improving your cyber security systems after a breach. 
  • Value lost due to intellectual property theft: If a company loses value because it lost control of intellectual property, that loss of value is not covered. 
  • Loss in value or future income: If a cyberattack leads to a loss in company value or future income, that loss would not be covered.

How Much Does Cyber Liability Insurance Cost? 

When it comes to cyber liability coverage through Distinguished, premiums start at around $ 660 annually.  

However, at the end of the day, the cost of cyber liability insurance for your client will depend on their specifics. When our underwriters are determining the cost of your client’s policy premium, they’ll look at a range of factors, including:  

  • Coverage amounts 
  • Revenue 
  • Current network security and risk factors 
  • The industry the organization is in 
  • History of cyber claims 
  • Types of data stored 

It’s important to remind clients that the sticker price isn’t always the most important factor. It’s what you’re getting for that price. With the cost of cybercrime being so high, it’s important your clients are completely covered, and sometimes that requires higher premiums. 

If you want a quote customized to your client’s needs, you can get one quickly with Distinguished. Simply register your brokerage, fill in your client’s information, and after submitting an application, you’ll receive a quote in 24-48 hours. 

How To Sell Cyber Insurance 

Selling cyber insurance requires many of the same skills that selling any other package does: communication, persuasion, and trust-building. However, cyber insurance is slightly trickier because cybercrime is less obvious. Business owners naturally understand the dangers of fires or floods. They also have a general understanding of how at-risk they are. For instance, a restaurant built beside a river can see that threat and plan accordingly. 

With cyber insurance, it’s your job to not just sell the insurance itself but also explain what the risks are and how threatened a client’s business is. You can do this by understanding what drives people to buy cyber insurance, pointing out common vulnerabilities in businesses like theirs, and giving examples of companies affected by these attacks. 

Know the Winning Arguments

Not all arguments for cyber insurance hold as much weight as others. Luckily, there’s data to help you decide on the best arguments to convince your clients. According to a 2019 CIAB report, the top three reasons small and medium-sized businesses (SMBs) decided to get cyber insurance were: 

  • Risk transfer (43%) 
  • Contract compliance (21%) 
  • Post-breach resources (20%) 

For larger businesses, the difference was even starker: 

  • Risk transfer (64%) 
  • Contract compliance (11%) 
  • Post-breach resources (11%) 

Take this as a guide for what you should emphasize in your pitch. Transferring risk to an insurer is the top reason, and that should be emphasized. However, adding in the importance of contract compliance and post-breach resources that many businesses won’t have access to also holds some water. 

Educate Clients About the Risks and Threats

Explain to your clients what risks are inherent to their business. For instance, ask them what kinds of personal data they store or work with. The more personal and important data they have, the higher their risks. This can include the obvious, like SSNs or banking information, and the more mundane, like phone numbers, names, and email addresses, which can be used for phishing schemes. 

It can also help to outline the kinds of cyberattacks that are common today. These include: 

  • Malware: Software intentionally designed to damage a computer, server, or computer network. Cybercriminals can use a computer infected with malware for several purposes: to steal confidential data, cause damage to data, or use the computer to carry out other criminal acts. 
  • Ransomware: A type of malware used to extort money by encrypting a victim’s data and then holding it for ransom. 
  • Phishing: An attempt by an individual or organization to gain private information, like usernames, passwords, or financial details, by tricking a target into sharing this info. 
  • Denial of Services (DoS): A cyberattack where the perpetrator tries to overload a network and force it offline by flooding it with requests. 
  • Business Email Compromise (BEC) attacks: Scam emails that look like they came from a legitimate and known source. For example, a criminal impersonates a vendor that a company regularly deals with and sends an invoice with an updated mailing address for payment. The criminals use slight variations on legitimate addresses (such as john.kelly@examplecompany.com vs. john.kelley@examplecompany.com) to fool victims into thinking fake accounts are authentic. 

To learn more, take a look at the US Small Business Association’s guide to cyber security

Give Clients Real-Life Examples 

It’s not hard these days to find examples of businesses in the US falling victim to cyberattacks. Your clients should know that businesses just like them are being attacked every day through examples that hit close to home.  

Generally, these stories should be from trusted sources in the same industry and show the risks your clients could face if they’re uninsured. 

Some examples of what you could look for include: 

All of these are local establishments in the US that were successfully targeted by hackers. They are recent stories and can highlight the risks all businesses face in today’s internet age. 

About Distinguished Programs

Distinguished Programs is a leading national insurance Program Manager providing specialized insurance programs to brokers and agents with specific expertise in Fine Art and Collectibles, Environmental and Construction Professional, Executive Lines, Inland Marine, Real Estate, Community Associations, Surety, Hotels, and Restaurants. Property and Liability products are distributed through a national network of agents and brokers. Serving the same core markets and partnering with the most stable and reputable carriers, Distinguished’s high-limit Umbrella programs remain the clear choice in its area of specialty for superior coverage, competitive pricing, and attentive service. Through thoughtful innovation, stemming back to 1995, Distinguished Programs fosters growth and opportunities for its brokers, carriers, and employees.

View a full list of our programs and submit business with Distinguished.

‣ Register Your Agency
‣ Learn More
‣ Contact Us

New call-to-action