Cyber Insurance

Data breach response, ransomware, business interruption, regulatory defense, and social engineering coverage. Placed by a broker who understands both the technology and the policy language.

What it covers

  • Data breach response. Forensic investigation, legal counsel, notification, credit monitoring, and PR costs.
  • Ransomware and cyber extortion. Ransom payments (where legal), negotiation costs, and business interruption.
  • Business interruption. Lost income when your systems go down, whether from an attack, system failure, or cloud provider outage.
  • Regulatory defense. Legal costs for regulatory investigations and, where insurable, fines and penalties.
  • Social engineering. Coverage when an employee is tricked into sending money to a fraudulent account.
  • Third-party liability. Claims from clients who suffer losses because of a breach at your company.

What I check that other brokers miss

  • Does "computer system" include cloud infrastructure? If your operations run on AWS, Azure, or GCP and the policy defines "computer system" as hardware you own, a cloud outage may not be covered.
  • Are sublimits adequate? A $2M cyber policy with a $100K sublimit on business interruption gives you $100K of BI coverage. Many policies bury sublimits in the endorsements.
  • Does ransomware coverage survive sanctions screening? OFAC compliance provisions can void ransomware payments. Some policies handle this better than others.
  • Is social engineering actually covered? Some policies include it, some exclude it, some cover it with a sublimit so low it is meaningless.
  • What security controls does the policy require? Some policies require MFA, endpoint detection, or encrypted backups. If you don't meet those at claim time, the carrier can deny.

Need cyber coverage that matches your operations?

I'll review your current policy or help you build a program from scratch.

Get a Quote