A guide to cyber insurance

What is cyber insurance?

Any business of any size can experience a data breach or cyber-attack. If the worst does happen, it can have serious repercussions for your reputation, your computer systems and even your clients' businesses. Not to mention the cost of any legal fees and compensation claims.

Cyber insurance is designed to cover any business which operates online or is exposed to the internet and the risks that come with storing and handling data. It can also provide cover for extortion, system rectification costs, plus PR expenses and financial loss due to system downtime.

Who is cyber insurance for?

Even if you're not "in the cloud" or you don't get "big data", read on.

Few businesses can get by today without some form of technology, whether it's a website, social media, data servers or basic online software. Even with a small IT footprint, cyber-attacks can still be a risk.

Just over four in ten businesses (43%) said they’d experienced some form of cyber-attack or breach in 2024–2025. That’s roughly 612,000 businesses in the UK that faced a cyber-security incident in those 12 months.

Being hit by a cyber-attack can damage your finances and reputation, and take time away from building your business.

What are the risks?

Data breaches and hacking are big news, with frequent reports showing the damage they can do to business reputations, customer trust and the bottom line.

And it isn't just big businesses affected. In fact, hackers will often target smaller companies, using them as a gateway to more lucrative and data-rich firms.

You also have data protection laws to think about, with penalties of up to £17.5 million or 4% of annual turnover if your business fails to comply with the General Data Protection Regulation.

The extent of your risk depends on the number and type of records you hold. You should also consider the network security and backup measures you’ve got in place.

If you’re running an online shop, for example, you’re likely taking customer PII (Personally Identifiable Information). This includes their name, address and payment details. Storing these in a spreadsheet on your desktop, without password protection or other security measures in place, could spell danger. If you click on just one phishing email, you could be compromising your customer data and putting your business at risk.

Where your data originates from can also be an issue, as different data protection regulations apply in most overseas jurisdictions.

Get cyber-aware and learn tips and tricks to keep you and your data safe in our ultimate guide to small business cyber-security.

Things you can do to keep your data safe

There are several steps you can take to keep out of the cross-hairs of hackers. For example:

  • Keep track of the data you hold, and if you don't need it, delete it
  • Anonymise personal information where possible
  • Implement two-factor authentication (2FA)
  • If your data still lives in spreadsheets, consider updating your systems. There might be a solution that not only provides security but also improves efficiency and productivity
  • Carefully vet all your suppliers
  • Build a security-first culture — encourage your team to spot and report risks
  • Reach out to a professional for advice if you’re unsure

What to watch out for in a cyber policy

Cyber insurance is closely linked to professional indemnity insurance, so make sure your insurance provider has a good technical understanding of how they work together.

When you take out a cyber liability insurance policy, you’ll likely need to disclose the type of data you're holding. This is particularly important for financial information.

As with any insurance policy, you’ll need to keep track of any changes in your business, as this can affect its validity. It’s important to disclose changes as soon as possible.

Finally, remember that while business insurance covers a range of eventualities and circumstances, it doesn’t cover everything. Please make sure to read your policy documents carefully to understand the full details around exclusions, terms and limits of your cover.

Once you've completed a quote, you'll be able to view a summary of cover. Please always refer to your policy documents for full details around exclusions, terms and limits of your customised cover. Read our guide to understanding your policy documents.
