Flexible, adaptable cover for UK-based businesses.
Cyber insurance
How cyber insurance can help your business
If you believe you've suffered a data breach, contact our 24-hour breach response helpline before you even begin your claim. We'll provide you with industry-leading legal, IT security and PR support to help your business deal with the incident. Your cyber business insurance can then help your business by covering:
Extortion, hacking and ransomware
If you're held ransom by a hacker, or have to pay compensation to your customers because of a data breach, we can cover damages and extortion payments, as well as costs associated with defending, negotiating and settling the claim.
Business interruption
You may be reimbursed the income you lose because of a cybersecurity breach affecting your computer systems — or those of your suppliers (also known as dependent businesses), meaning that you are not left out of pocket by interruptions to either your system, or those of another business that you rely on. We can also pay for your data to be restored if it's lost or damaged in the process.
Payment Card industry Data Security Standard (PCI DSS)
Any business that uses an electronic payment card system should be PCI DSS compliant to reduce the risk of data breaches involving customers’ card details. Cyber insurance covers your business in the event that private card data leaves your system. You will be provided with the services of a lawyer and a cyber response team to guide you through the process.
Privacy liability
Cyber insurance policies cover damages you are legally obliged to pay and defence costs incurred because of a data breach, a security or data breach (or your organisation’s failure to disclose such a breach) and failure to comply with certain parts of your privacy policy.
Social Engineering, Email Fraud and Phone Hacking
We offer an extension to our policy that will reimburse up to £100,000 in financial losses caused by funds transfer fraud (social engineering), phone hacking, botnet attack and cryptojacking. In short, a cyber insurance policy could protect you against losses if you are given false information by a hacker that exposes your finances.
Features of Superscript’s cyber insurance policy
Cyber and privacy liability
Covers compensation you have to pay due to data or security breaches, including:
- Failure to disclose a breach within the GDPR time limits
- Failure to comply with parts of your privacy policy
Defamation and IP infringement media liability
Covers compensation you may have to pay due to defamatory content posted by an employee or intellectual property infringement on your website, social media or online advertising (whether intentional or not).
This happens more often than you may think - for example, if someone were to accidentally use a trademarked image on one of your company’s social media accounts.
Breaches involving credit or debit card information
Our policy covers payment card industry (PCI) fines, which can range from £3,000 to £60,000, plus expenses and legal costs due to a data or security breach involving credit card or debit card information. This is of particular relevance to small businesses and shops using mobile card payment systems.
If, as the result of any kind of hack or breach, private card data leaves your system, Superscript’s cyber insurance policy provides you with a lawyer and cybersecurity expert to guide you through the process, as well as paying all fines and legal expenses up to the policy limit.
We work with an industry-leading cyber response team to help you minimise the impact of a credit or debit card data breach on your business.
Interruption to business activity due to a cyber outage
If a cyber issue causes an unplanned outage of either your computer systems or any business that provides you with services (known as a dependent business), e.g. Amazon Web Services (AWS), our cover could reimburse you for the projected profit lost.
GDPR defence costs and penalties
The General Data Protection Regulation (GDPR) comes with stringent guidelines and fines of up to £17.5 million (€20 million in the EU), or 4% of annual global turnover, whichever is greater.
Having the right cover in place can mean the difference between pulling through a difficult time or going out of business. Our insurance covers:
- Notification costs
- Breach response services
- Legal costs
Unauthorised use of your systems
Covering you for unauthorised use of your systems. For example, if a hacker accesses:
- Your phone system and makes calls
- Your computer system and launches a denial-of-service (DoS) attack against another company
- Your computer system to mine cryptocurrency (cryptojacking)
Website recovery services
If your website or computer systems slow down or stop working due to a distributed denial-of-service (DDoS) attack, our insurance will cover costs for DOSarrest to fix this.
Money paid to fraudulent sources
If money is paid by you or by your bank, on your behalf, in response to a fraudulent email or phone instructions.
Data breach response services to help you after a cyber attack
If you suspect a data breach or security breach has happened, such as a hack of your system and theft or leak of personal identifiable information (PII) like customers’ medical records, passport numbers or bank account details, you'll have access to a 24-hour helpline with an industry-leading breach response team to guide you through the next steps. Plus, our cyber insurance will cover the costs of:
- Legal experts, to provide you with advice
- Support from a computer security expert, to help contain the breach
- Notifying those affected by the data breach, as required by law
- Call centre support, to field inquiries from those affected
- Credit and identity monitoring for those affected
- PR and brand crisis management
Legal costs
The insurer will arrange your legal defence and take care of costs, including legal fees and expenses to investigate, defend and settle any covered claim. If you or your employees have to attend court as witnesses in a cyber case, our cyber cover could pay up to:
- £500 per day for management
- £250 per day for employees
Cyber insurance claims
There are various different types of cyber insurance claim that can affect different industries, but here are a few examples of specific claims that would be covered by Superscript’s flexible policy:
Ransomware shuts down your business
A member of your office staff at your marketing agency accidentally opens a malicious email and downloads ransomware onto your company’s system, locking your files. Your policy covers the ransom demand to unlock your system and covers profits lost due to business interruption.
Customers’ credit card details are stolen
The payment card system in your clothing shop is hacked and customers’ private card details are stolen. Your policy covers your legal costs and compensation payments due to affected customers, as well as any fines for PCI DSS non-compliance.
Business disruption due to cyber attack
The website that your online building supplies business runs on crashes due to a cyber attack on the web service firm that hosts your site. Your cyber policy pays out for all projected profits lost during your company’s downtime, even if the outage happened at a third-party business you depend on.
We offer cyber cover to over 1,000 industries
From auditors to sportswear suppliers and freight agents to lifestyle consultants, we insure a wide range of companies and sole traders to protect them from the risks associated with doing business in an increasingly digital world.
While cyber cover isn’t required by law, it can be crucial to protecting many industries and businesses, even those who do not consider themselves to be at risk of cyber attack.
Here are just a few of the diverse industries that Superscript has provided flexible cyber cover for:
- Alarm wholesalers
- Window manufacturers
- Health coaches
- Property inventory writers
- Computer games retailers
- Solicitors
- Speech and language therapists
To see if we offer flexible cyber liability insurance for your industry, simply click ‘Start your quote’.
What is unique about Superscript's cyber insurance?
At Superscript, we aim to offer businesses and entrepreneurs a flexible and adaptable cyber insurance policy that reflects a changing cyber landscape, with constantly evolving threats and risks.
As you grow your business — and as the world of cyber threats continues to evolve — you can adapt your cover so you only pay for what you need.
Superscript’s cyber cover also goes a step beyond the rest and includes business interruption cover for when unforeseen cyber issues at your third-party suppliers (known as ‘dependent businesses’) cause interruptions to your business activities.
This cover can help minimise disruptions to your business caused by a cyber attack further up the supply chain.
How do cyber insurance claims work?
The below is a good guide to the process and timescales you can expect when you need to make a claim under your policy.
If you’re ever unsure whether you can or should claim, it’s best to get in touch and we can let you know.
Notify us of the claim
Contact us by email at claims@gosuperscript.com, by 24/7 freephone on 0800 772 3059 or by logging in to your customer portal.
Ideally this should be done as soon as possible and within 30 days of you becoming aware of anything (and we mean anything, even if it may seem trivial to you) which you think may be covered by your cyber insurance.
A good indicator of whether or not to let us know is if there’s an issue which may require a payment to be made on your behalf.
Call our 24/7 breach response helpline
With Superscript's cyber insurance, you have the support of an industry-leading breach response team in the event that your business is the victim of a hack or data breach.
You will be guided through your breach response by legal experts, cybersecurity experts and will have access to call centre support to notify all your customers who have been affected by the breach.
We'll get on the case
We’ll acknowledge your claim within 24 hours — and sometimes in as little as 30 minutes! This means you’ll receive email confirmation of your Superscript claims reference and contact information should you need to speak to us.
We will then reach out to you within 48 hours to request any extra information we need to progress your claim.
We’ll keep you updated on the next steps as the claim progresses.
A decision is made
We’ll let you know if your claim is successful or not. At Superscript, if your claim isn’t covered, we will always try to point you in the right direction and support you as best we can in getting back to normal.
Read about the most common reasons claims aren't paid.
If your claim is successful, once we have all the documents we need, we will aim to settle claims such as accidental damage, theft and lost equipment within 5 working days.
Cyber insurance FAQs
What does a cyber insurance policy cover?
Cyber insurance covers your business's liability for a data breach involving sensitive customer information, such as credit card numbers, passwords and personally identifiable information (PII).
How much cyber insurance do I need?
The limit you select should take into consideration your turnover. Having said that, one of the great things about our cover is that it pays for breach response services based on the number of people affected, rather than a set monetary amount - and these costs will be covered in addition to the limit you select.
What information do I need to provide when making a cyber insurance claim?
If you end up having to make a claim on your cyber insurance policy, you will be asked a set of questions to help us assess your claim as quickly as possible:
- The date of the incident
- When you first became aware of an incident
- Confirmation of whether or not you’ve contacted Action Fraud to report the issue
- Whether you think your finances may be vulnerable – if so, your bank should be contacted immediately
- What systems do you believe have been targeted?
- Are you aware of any specific parties who may have been affected? If yes, please provide the relevant information
- Is your business still able to run and operate effectively? If no, how has your business been affected?
What is personally identifiable information?
Personally identifiable information (PII) is any data which could be used to identify a specific person. This could be as simple as a name, location data, or an email address.
How does cyber insurance work?
Cyber insurance protects your liability against certain digital risks, from damages as a result of cyber-related data breaches to accidental copyright infringement - say if a company tweet accidentally used a trademarked image, leading to you being sued.
What are notification costs and why would I need cover for these?
Notification costs are the costs incurred in gathering information and contacting the relevant authorities and individuals affected by a security or data breach. Our cover includes support from experts who would work alongside your business to handle this difficult situation.
What businesses are at risk of a cyber attack?
Big brands tend to hit the headlines, but all businesses can fall victim to cyber attacks and data breaches.
SMEs often have fewer resources to stay safe. We've put together a helpful guide to cybersecurity for small businesses.
What is the excess on this policy?
The excess is from £500, but this will depend on the size of your business and activities you carry out.
How do I know if my business has been hacked?
You might not always be able tell that your systems have been hacked, however there are a few telltale signs. It’s important to stay vigilant and if you notice any of the signs below, the first thing for you to do is let us know.
If your business is a victim of ransomware, all or some of your files will be locked and you will receive a message requiring you to perform certain actions, or to pay a fee to unlock your systems. In this situation, please get in touch with us immediately.
Another less obvious example would be your mouse moving outside your personal control, as if someone else is controlling it. It could well be a bug, but it’s better to disconnect the device from your network and run a virus scan, just to be on the safe side.
How can I can protect my business from cybercrime?
- For starters, keep track of the data you hold and delete any records that you don’t need.
- Anonymise personal information where possible amd appropriate.
- Take a look at your processes, as a large amount of data tends to live in spreadsheets and ad-hoc files on your systems. There might be a better, safer way to store your information that doesn’t leave you open to unintended data breaches.
- Don't forget about employee training. Having continuous employee training and testing is just as important in implementing a strong cybersecurity program.
To find out more about securing your cyber risks, take a look at our guide to carrying out a cyber risk assessment.
What to watch out for when choosing cybersecurity insurance?
If your business needs professional indemnity insurance (PI), a good tip would be to try and make sure it’s the same insurer as the cyber liability insurer. The two covers are linked and have some crossover covers.
When choosing your provider, make sure they have a good technical understanding of how they work together. At Superscript, we keep our PI and cyber liability covers together to make sure they both work for you and avoid any confusion.
Is cyber insurance tax deductible?
Yes, the cost of your business’ cybersecurity insurance premium (both first and third-party cover) can be written off as a business expense against tax in the UK.
Is cyber insurance a legal requirement for UK businesses?
Cyber insurance is not currently a legal requirement for businesses in the UK. However, it can provide cover for any accidental breaches of GDPR, which is stringently enforced by law and can incur fines of up to £17.5 million or 4% of annual global turnover, whichever is greater.
What’s the difference between cyber liability insurance and cybersecurity insurance?
In short, there is no substantive difference. You may have heard these two terms and found the differentiation confusing. Cyber security insurance and cyber liability insurance are alternative names for ‘cyber insurance’, which is the industry standard name for this type of policy.
Liability insurance covers money you legally or contractually owe to a third party — as opposed to first-party insurance, which covers your personal loss as a business. Superscript’s cyber insurance covers both of these.
Are small businesses exempt from GDPR law?
All organisations are required to follow the new UK GDPR law that has been in place since January 2021. However, businesses with fewer than 250 employees are exempt from some record-keeping requirements within the regulations.
Boost your cover with legal protection insurance
Covers compensation awards, professional fees and legal costs associated with a range of legal disputes.
Authorised by the FCA
The FCA supervises UK financial services firms to protect consumers. We are directly authorised and regulated by the FCA and our Firm Reference Number is 656459. These details can be confirmed on the Financial Services Register at www.fca.org.uk or by calling the FCA on 0845 606 1234.
A-rated financial strength
Our insurance products are underwritten by Standard & Poor’s A-rated financial strength or higher. This means the underwriter has been independently assessed by the world’s leading credit rating provider and found to have a strong capacity to meet financial commitments (pay claims).
Protected by the FSCS
If you are a business with an annual turnover under £1m, charity with an annual income under £1m, or trust with net assets under £1m, then you will be entitled to compensation from the FSCS in the unlikely event we cannot meet our obligations. Full details and further information on the scheme are available at www.fscs.org.uk.