Fast and flexible cyber insurance.
Cyber insurance
How cyber insurance can help your business
Extortion, hacking and ransomware
If you're held ransom by a hacker, or have to pay compensation to your customers because of a data breach, we'll cover damages and extortion payments, as well as costs associated with defending, negotiating and settling the claim.
Cybercrime
We offer an extension that will reimburse up to £100,000 in financial losses caused by funds transfer fraud (social engineering), phone hacking, botnet attack and cryptojacking.
Data protection breaches
If you believe you've suffered a data breach, contact our 24-hour breach response helpline, and we'll provide you with legal, IT security and PR support. We'll also help communicate the breach to affected customers and set up a call centre to assist them.
Business interruption
We'll reimburse income you lose because of a security breach affecting your computer systems - or those of your suppliers. We'll also pay for your data to be restored if it's lost or damaged in the process.
Features of our cyber insurance
Find out more about the risks it covers and what to look out for.
Cyber and privacy liability
Covers compensation you have to pay due to data or security breaches, including:
- Failure to disclose a breach within the GDPR time limits
- Failure to comply with parts of your privacy policy
Media content liability
Covers compensation you have to pay due to defamatory content or intellectual property infringement on your website, social media or online advertising.
This happens more often than you may think - for example, if someone were to accidentally use a trademarked image on one of your company’s social media accounts.
GDPR defence costs and penalties
The General Data Protection Regulation (GDPR) comes with stringent guidelines and fines of up to €20 million, or 4% of annual turnover, whichever is the greater.
Having the right cover in place can mean the difference between pulling through a difficult time or going out of business. Our insurance covers:
- Notification costs
- Breach response services
- Legal costs
Breaches involving credit or debit card information
Covers PCI fines, which can range from £3,000 to £60,000, plus expenses and legal costs due to a data or security breach involving credit card or debit card information.
Unauthorised use of your systems
Covering you for unauthorised use of your systems. For example, if a hacker accesses:
- Your phone system and makes calls
- Your computer system and launches a denial-of-service (DoS) attack against another company
- Your computer system to mine cryptocurrency (cryptojacking)
Website recovery services
If your website or computer systems slow down or stop working due to a distributed denial-of-service (DDoS) attack, our insurance will cover costs for DOSarrest to fix this.
Money paid to fraudulent sources
If money is paid by you or by your bank, on your behalf, in response to a fraudulent email or phone instructions.
Data breach response services
If you suspect a data breach or security breach has happened, you'll have access to a 24-hour helpline, plus our insurance will cover the costs of:
- Legal experts, to provide you with advice
- Support from a computer security expert, to help contain the breach
- Notifying those affected by the data breach, as required by law
- Call centre support, to field inquiries from those affected
- Credit and identity monitoring for those affected
- PR and brand crisis management
Business interruption
If a security breach or unplanned outage of your computer systems or any business that provides you with services, e.g. Amazon Web Services (AWS), our cover will reimburse you for the projected profit lost.
Legal costs
The insurer will arrange your legal defence and take care of costs, including legal fees and expenses to investigate, defence and settle any covered claim. If you or your employees have to attend court as witnesses, they will also pay £500 per day per for management and £250 per day for employees.
Cyber insurance FAQs
What does a cyber insurance policy cover?
Cyber insurance covers your business's liability for a data breach involving sensitive customer information, such as credit card numbers, passwords and personally identifiable information (PII).
How much cyber insurance do I need?
The limit you select should take into consideration your turnover. Having said that, one of the great things about our cover is that it pays for breach response services based on the number of people affected, rather than a set monetary amount - and these costs will be covered in addition to the limit you select.
What is personally identifiable information?
Personally identifiable information (PII) is any data which could be used to identify a specific person. This could be as simple as a name, location data, or an email address.
How does cyber insurance work?
Cyber insurance protects your liability against certain digital risks, from damages as a result of cyber-related data breaches to accidental copyright infringement - say if a company tweet accidentally used a trademarked image, leading to you being sued.
What are notification costs and why would I need cover for these?
Notification costs are the costs incurred in gathering information and contacting the relevant authorities and individuals affected by a security or data breach. Our cover includes support from experts who would work alongside your business to handle this difficult situation.
What businesses are at risk of a cyber attack?
Big brands tend to hit the headlines, but small and medium sized businesses are just as likely to fall victim to cyber attacks and data breaches. In 2019, more than 3 in 10 businesses in the UK identified cybersecurity breaches or attacks.
SMEs are often seen as a soft target, as they have fewer resources to put towards the technology and skills they need to stay safe. Plus they’re busy, which means security practices can often get overlooked. We've put together a helpful guide to cybersecurity for small businesses.
What is the excess on this policy?
The excess is from £500, but this will depend on the size of your business and activities you carry out.
How do I know if my business has been hacked?
You might not always be able tell that your systems have been hacked, however there are a few telltale signs. It’s important to stay vigilant and if you notice any of the signs below, the first thing for you to do is let us know.
If your business is a victim of ransomware, all or some of your files will be locked and you will receive a message requiring you to perform certain actions, or to pay a fee to unlock your systems. In this situation, please get in touch with us immediately.
Another less obvious example would be your mouse moving outside your personal control, as if someone else is controlling it. It could well be a bug, but it’s better to disconnect the device from your network and run a virus scan, just to be on the safe side.
How can I can protect my business from cybercrime?
- For starters, keep track of the data you hold and delete any records that you don’t need.
- Anonymise personal information where possible amd appropriate.
- Take a look at your processes, as a large amount of data tends to live in spreadsheets and ad-hoc files on your systems. There might be a better, safer way to store your information that doesn’t leave you open to unintended data breaches.
- Don't forget about employee training. Having continuous employee training and testing is just as important in implementing a strong cybersecurity program.
To find out more about securing your cyber risks, take a look at our guide to carrying out a cyber risk assessment.
What to watch out for when choosing cybersecurity insurance?
If your business needs professional indemnity insurance (PI), a good tip would be to try and make sure it’s the same insurer as the cyber liability insurer. The two covers are linked and have some crossover covers. When choosing your provider, make sure they have a good technical understanding of how they work together. At Superscript, we keep our PI and cyber liability covers together to make sure they both work for you and avoid any confusion.
Authorised by the FCA
The FCA supervises UK financial services firms to protect consumers. We are directly authorised and regulated by the FCA and our Firm Reference Number is 656459. These details can be confirmed on the Financial Services Register at www.fca.org.uk or by calling the FCA on 0845 606 1234.
A-rated financial strength
Our insurance products are underwritten by Standard & Poor’s A-rated financial strength or higher. This means the underwriter has been independently assessed by the world’s leading credit rating provider and found to have a strong capacity to meet financial commitments (pay claims).
Protected by the FSCS
If you are a business with an annual turnover under £1m, charity with an annual income under £1m, or trust with net assets under £1m, then you will be entitled to compensation from the FSCS in the unlikely event we cannot meet our obligations. Full details and further information on the scheme are available at www.fscs.org.uk.