Browse Definitions :
Definition

cybersecurity insurance

Contributor(s): Matthew Haughn

Cybersecurity insurance is a contract that an individual or entity can purchase to help reduce the financial risks associated with doing business online. In exchange for a monthly or quarterly fee, the insurance policy transfers some of the risk to the insurer.

Many companies purchase cybersecurity insurance policies to cover extra expenditures that could result from the physical destruction or theft of digital assets. Such expenditures typically include the cost of notifying customers that a security breach has incurred, as well as the cost of regulatory compliance fines.

To qualify for coverage, the individual or entity typically has to submit to a security audit by the insurance company or provide documentation with the assistance of an approved assessment tool, such as that offered by the Federal Financial Institutions Examination Council.

Many cybersecurity insurance policies only cover first-party losses to a company. Some policies, however, may also cover third-party liability losses.

Depending upon the price of the policy, coverage may include first and/or third-party liability for cyberextortion, costs associated with strengthening data security, damages due to corrupt or missing data, damages due to inoperable hardware or software and monetary loss from theft or lost business.

Because coverage is not often for the total amount of damages, many companies choose to buy additional insurance to cover amounts beyond which a cybersecurity policy covers.

 

This was last updated in May 2017

Continue Reading About cybersecurity insurance

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • compliance audit

    A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines.

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business...

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

SearchSecurity

  • Transport Layer Security (TLS)

    Transport Layer Security (TLS) is a protocol that provides authentication, privacy, and data integrity between two communicating ...

  • van Eck phreaking

    Van Eck phreaking is a form of electronic eavesdropping that reverse engineers the electromagnetic fields (EM fields) produced by...

  • zero-trust model (zero trust network)

    The zero trust model is a security model used by IT professionals that requires strict identity and device verification ...

SearchHealthIT

SearchDisasterRecovery

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

  • business continuity software

    Business continuity software is an application or suite designed to make business continuity planning/business continuity ...

  • business continuity policy

    Business continuity policy is the set of standards and guidelines an organization enforces to ensure resilience and proper risk ...

SearchStorage

  • solid-state storage

    Solid-state storage (SSS) is a type of computer storage media made from silicon microchips. SSS stores data electronically ...

  • persistent storage

    Persistent storage is any data storage device that retains data after power to that device is shut off. It is also sometimes ...

  • computational storage

    Computational storage is an information technology (IT) architecture in which data is processed at the storage device level to ...

Close