Protect your business with cyber cover designed for a fast-changing digital world. Done and dusted in under 10 minutes, with cover from £10.79 per month.
What is cyber insurance?
Cyber insurance, also known as cyber liability insurance or cybersecurity insurance, is designed to cover risks that come with storing and handling data when running a business.
10% of businesses paid £10.79 a month or less for their Superscript cyber security insurance between January and March 2023.
You can protect your business for specific cyber risks, including:
- Accidental privacy breaches
- Business interruption
- Hacking, extortion and ransomware
- Lost income and restoring data
- Denial-of-Service attacks
- PCI DSS compliance
Be quote confident
We're big on fairness. So if you find a lower price for a comparable quote, we won't just match it – we'll go one better and beat it.
So even better than apples to apples, apples to better apples. We're talking Galas to Braeburns.
As you'd expect, T&Cs apply.
How cyber insurance can help your business
If you believe you've suffered a data breach, before you even begin your claim, contact our 24-hour breach response helpline, and we'll provide you with industry-leading legal, IT security and PR support to help your business deal with the incident. Your cyber business insurance can then help your business by covering:
Extortion, hacking and ransomware
If you're held ransom by a hacker, or have to pay compensation to your customers because of a data breach, we can cover damages and extortion payments, as well as costs associated with defending, negotiating and settling the claim.
You may be reimbursed the income you lose because of a cybersecurity breach affecting your computer systems - or those of your suppliers (also known as dependent businesses), meaning that you are not left out of pocket by interruptions to either your system, or those of another business that you rely on. We can also pay for your data to be restored if it's lost or damaged in the process.
Payment Card industry Data Security Standard (PCI DSS)
Any business that uses an electronic payment card system should be PCI DSS compliant to reduce the risk of data breaches involving customers’ card details. Cyber insurance covers your business in the event that private card data leaves your system. You will be provided with the services of a lawyer and a cyber response team to guide you through the process, and all fines and expenses may be paid, up to the policy limit.
Social Engineering, Email Fraud and Phone Hacking
We offer an extension to our policy that will reimburse up to £100,000 in financial losses caused by funds transfer fraud (social engineering), phone hacking, botnet attack and cryptojacking. In short, a cyber insurance policy could protect you against losses if you are given false information by a hacker that exposes your finances.
Once you've completed a quote, you'll be able to view a summary of cover. Please always refer to your policy documents for full details around exclusions, terms and limits of your customised cover. Read our guide to understanding your policy documents.
Features of Superscript’s cyber insurance policy
Cyber and privacy liability
Covers compensation you have to pay due to data or security breaches, including:
- Failure to disclose a breach within the GDPR time limits
Defamation and IP infringement media liability
Covers compensation you may have to pay due to defamatory content posted by an employee or intellectual property infringement on your website, social media or online advertising (whether intentional or not).
This happens more often than you may think - for example, if someone were to accidentally use a trademarked image on one of your company’s social media accounts.
Breaches involving credit or debit card information
Our policy covers payment card industry (PCI) fines, which can range from £3,000 to £60,000, plus expenses and legal costs due to a data or security breach involving credit card or debit card information. This is of particular relevance to small businesses and shops using mobile card payment systems.
If, as the result of any kind of hack or breach, private card data leaves your system, Superscript’s cyber insurance policy provides you with a lawyer and cybersecurity expert to guide you through the process, as well as paying all fines and legal expenses up to the policy limit.
We work with an industry-leading cyber response team to help you minimise the impact of a credit or debit card data breach on your business.
Interruption to business activity due to a cyber outage
If a cyber issue causes an unplanned outage of either your computer systems or any business that provides you with services (known as a dependent business), e.g. Amazon Web Services (AWS), our cover could reimburse you for the projected profit lost.
GDPR defence costs and penalties
The General Data Protection Regulation (GDPR) comes with stringent guidelines and fines of up to £17.5 million (€20 million in the EU), or 4% of annual global turnover, whichever is greater.
Having the right cover in place can mean the difference between pulling through a difficult time or going out of business. Our insurance covers:
- Notification costs
- Breach response services
- Legal costs
Unauthorised use of your systems
Covering you for unauthorised use of your systems. For example, if a hacker accesses:
- Your phone system and makes calls
- Your computer system and launches a denial-of-service (DoS) attack against another company
- Your computer system to mine cryptocurrency (cryptojacking)
Website recovery services
Money paid to fraudulent sources
If money is paid by you or by your bank, on your behalf, in response to a fraudulent email or phone instructions.
Data breach response services to help you after a cyber attack
If you suspect a data breach or security breach has happened, such as a hack of your system and theft or leak of personal identifiable information (PII) like customers’ medical records, passport numbers or bank account details, you'll have access to a 24-hour helpline with an industry-leading breach response team to guide you through the next steps. Plus, our cyber insurance will cover the costs of:
- Legal experts, to provide you with advice
- Support from a computer security expert, to help contain the breach
- Notifying those affected by the data breach, as required by law
- Call centre support, to field inquiries from those affected
- Credit and identity monitoring for those affected
- PR and brand crisis management
The insurer will arrange your legal defence and take care of costs, including legal fees and expenses to investigate, defend and settle any covered claim. If you or your employees have to attend court as witnesses in a cyber case, our cyber cover could pay up to:
- £500 per day for management
- £250 per day for employees
What our expert says
Harry Dibben, Lead Underwriter
People tend to conflate ‘cyber’ with ‘data’ which is a very dated approach. In fact, some markets still refer to cyber cover as ‘data breach’ insurance which doesn’t help things. The scope of coverage provided by a cyber policy is far wider reaching.
Cyber insurance claims
There are various different types of cyber insurance claim that can affect different industries, but here are a few examples of specific claims that could be covered by our customised policy:
Ransomware shuts down your business
A member of your office staff at your marketing agency accidentally opens a malicious email and downloads ransomware onto your company’s system, locking your files. Your policy covers the ransom demand to unlock your system and covers profits lost due to business interruption.
Customers’ credit card details are stolen
The payment card system in your clothing shop is hacked and customers’ private card details are stolen. Your policy covers your legal costs and compensation payments due to affected customers, as well as any fines for PCI DSS non-compliance.
Business disruption due to cyber attack
The website that your online building supplies business runs on crashes due to a cyber attack on the web service firm that hosts your site. Your cyber policy pays out for all projected profits lost during your company’s downtime, even if the outage happened at a third-party business you depend on.
We offer cyber cover to over 1,000 industries
From auditors to sportswear suppliers, and freight agents to lifestyle consultants, we insure a wide range of companies and sole traders to protect them from the risks associated with doing business in an increasingly digital world.
While cyber cover isn’t required by law, it can be crucial to protecting many industries and businesses, even those who do not consider themselves to be at risk of cyber attack.
Here are just a few of the diverse industries that Superscript has provided cyber cover for:
- Alarm wholesalers
- Window manufacturers
- Health coaches
- Property inventory writers
- Computer games retailers
- Speech and language therapists
To see if we offer cyber liability insurance for your industry, simply click ‘start your quote’.
What is unique about Superscript's cyber insurance?
At Superscript, we aim to offer businesses and entrepreneurs a customisable cyber insurance policy that reflects a changing cyber landscape, with constantly evolving threats and risks.
Our customisable cover gives you the choice to pay how you like, monthly or annually. And if you need to make changes to your cover, you can do so without fees.
As you grow your business, and as the world of cyber threats continues to evolve, you can adapt your cover so you only pay for what you need, and you can be confident that you have the cover your business requires.
Our super cyber cover also goes a step beyond and includes business interruption cover for when unforeseen cyber issues at your third-party suppliers (known as ‘dependent businesses’) cause interruptions to your business activities. You will not be put out of pocket by a cyber attack further up the supply chain.
How do claims work?
Notify us of the claim
Ideally this should be done as soon as possible and within 30 days of you becoming aware of anything which you think may be covered by your insurance.
A good indicator of whether or not to let us know is if there's an issue which may require a payment to be made on your behalf.
Call our 24/7 breach response helpline
With Superscript's cyber insurance, you have the support of an industry-leading breach response team in the event that your business is the victim of a hack or data breach.
You will be guided through your breach response by legal experts, cybersecurity experts and will have access to call centre support to notify all your customers who have been affected by the breach.
We'll get on the case
We'll acknowledge your claim within 24 hours, and sometimes in as little as 30 minutes! This means you'll receive email confirmation of your claims reference and contact information should you need to speak to us.
We will then reach out to you within 48 hours to request any extra information we need to progress your claim.
We'll keep you updated on the next steps as the claim progresses.
A decision is made
We'll let you know if your claim is successful or not. If your claim isn't covered, we will always try to point you in the right direction and support you as best we can in getting back to normal.
If your claim is successful, once we have all the documents we need, we will aim to settle claims such as accidental damage, theft and lost equipment within five working days.
Cyber insurance FAQs
Cyber insurance covers your business's liability for a data breach involving sensitive customer information, such as credit card numbers, passwords and personally identifiable information (PII).
Cyber insurance from Superscript starts at £10.79 per month, but this will vary according to the cover your business needs.
The limit you select should take into consideration your turnover. Having said that, one of the great things about our cover is that it pays for breach response services based on the number of people affected, rather than a set monetary amount - and these costs will be covered in addition to the limit you select.
If you end up having to make a claim on your cyber insurance policy, you will be asked a set of questions to help us assess your claim as quickly as possible:
- The date of the incident
- When you first became aware of an incident
- Confirmation of whether or not you’ve contacted Action Fraud to report the issue
- Whether you think your finances may be vulnerable – if so, your bank should be contacted immediately
- What systems do you believe have been targeted?
- Are you aware of any specific parties who may have been affected? If yes, please provide the relevant information
- Is your business still able to run and operate effectively? If no, how has your business been affected?
Personally identifiable information (PII) is any data which could be used to identify a specific person. This could be as simple as a name, location data, or an email address.
Cyber insurance protects your liability against certain digital risks, from damages as a result of cyber-related data breaches to accidental copyright infringement - say if a company tweet accidentally used a trademarked image, leading to you being sued.
Notification costs are the costs incurred in gathering information and contacting the relevant authorities and individuals affected by a security or data breach. Our cover includes support from experts who would work alongside your business to handle this difficult situation.
Big brands tend to hit the headlines, but small and medium sized businesses are just as likely to fall victim to cyber attacks and data breaches. In 2019, more than 3 in 10 businesses in the UK identified cybersecurity breaches or attacks.
SMEs are often seen as a soft target, as they have fewer resources to put towards the technology and skills they need to stay safe. Plus they’re busy, which means security practices can often get overlooked. We've put together a helpful guide to cybersecurity for small businesses.
The excess is from £500, but this will depend on the size of your business and activities you carry out.
You might not always be able tell that your systems have been hacked, however there are a few telltale signs. It’s important to stay vigilant and if you notice any of the signs below, the first thing for you to do is let us know.
If your business is a victim of ransomware, all or some of your files will be locked and you will receive a message requiring you to perform certain actions, or to pay a fee to unlock your systems. In this situation, please get in touch with us immediately.
Another less obvious example would be your mouse moving outside your personal control, as if someone else is controlling it. It could well be a bug, but it’s better to disconnect the device from your network and run a virus scan, just to be on the safe side.
- For starters, keep track of the data you hold and delete any records that you don’t need.
- Anonymise personal information where possible amd appropriate.
- Take a look at your processes, as a large amount of data tends to live in spreadsheets and ad-hoc files on your systems. There might be a better, safer way to store your information that doesn’t leave you open to unintended data breaches.
- Don't forget about employee training. Having continuous employee training and testing is just as important in implementing a strong cybersecurity program.
To find out more about securing your cyber risks, take a look at our guide to carrying out a cyber risk assessment.
If your business needs professional indemnity insurance (PI), a good tip would be to try and make sure it’s the same insurer as the cyber liability insurer. The two covers are linked and have some crossover covers. When choosing your provider, make sure they have a good technical understanding of how they work together. At Superscript, we keep our PI and cyber liability covers together to make sure they both work for you and avoid any confusion.
Yes, the cost of your business’ cybersecurity insurance premium (both first and third-party cover) can be written off as a business expense against tax in the UK.
Cyber insurance is not currently a legal requirement for businesses in the UK. However, it can provide cover for any accidental breaches of GDPR, which is stringently enforced by law and can incur fines of up to £17.5 million or 4% of annual global turnover, whichever is greater.
In short, there is no substantive difference. You may have heard of, or read about, these two terms and found the differentiation confusing. Cyber security insurance and cyber liability insurance are alternative names for ‘cyber insurance’, which is the industry standard name for this type of policy. Liability insurance covers money you legally or contractually owe to a third party - as opposed to first-party insurance, which covers your personal loss as a business. Superscript’s cyber insurance covers both of these.
- 6 Sep 20234 minute read
The Securities and Exchange Commission (SEC) recently announced sweeping changes to cybersecurity reporting that will have a profound impact. Are you prepared?
Authorised by the FCA
The FCA supervises UK financial services firms to protect consumers. We are directly authorised and regulated by the FCA and our Firm Reference Number is 656459. These details can be confirmed on the Financial Services Register at www.fca.org.uk or by calling the FCA on 0845 606 1234.
A-rated financial strength
Our insurance products are underwritten by Standard & Poor’s A-rated financial strength or higher. This means the underwriter has been independently assessed by the world’s leading credit rating provider and found to have a strong capacity to meet financial commitments (pay claims).
Protected by the FSCS
If you are a business with an annual turnover under £1m, charity with an annual income under £1m, or trust with net assets under £1m, then you will be entitled to compensation from the FSCS in the unlikely event we cannot meet our obligations. Full details and further information on the scheme are available at www.fscs.org.uk.