CYBERINSURANCE.CA

GET CYBER COVERAGE

What's in a cyber liability policy?

Safeguarding against the costly and disruptive effects of cyber attacks requires a proactive and preventive digital defense coupled with cyber insurance.

A proactive approach to security.

Canadians are seven times more likely to experience a digital hack at home than a fire, but they don’t do enough to protect their digital assets from cyber threats – including purchasing cyber insurance.

That’s why cyber liability insurance has emerged as a digital safety net for your assets. It helps protect everything from personal passwords and financial data to devices and business systems – guarding against the growing number of online threats. Cyber insurance covers financial losses from a cyber incident and provides support to help you respond and recover.

How does cyber insurance work?

Cyber liability insurance is similar to other common insurance types. It’s insurance coverage that helps protect you from the fallout of a cyber incident.

Like home or auto insurance, cyber insurance policies require a regular monthly or annual premium. That premium covers you against a range of digital threats. In the event of a cyber incident, your policy will help cover any financial losses you might suffer and provide recovery support to get you back on track.

The specific cyber coverage depends on the terms of your policy. Everyone’s cyber risks are unique, so it’s important to find a provider who can match the right policy to your needs.

Cyber insurance that offers next-level digital peace of mind.

Some cyber insurance providers offer financial loss coverages and recovery support with threat intelligence and preventative measures to help stop cyber incidents before they occur, reducing the need to make a claim.

BOXX Insurance’s Hackbusters® team resolves over 80% of reported cyber incidents without the need to make a claim.

LEARN MORE ABOUT THE HACKBUSTERS®

The response & recovery process

Contain the breach

Resecure the network

Address legal issues

Conduct full investigation

Why is cyber insurance important?

The consequences of a cyber attack can be devastating. In 2023, Canadian businesses spent $1.2 billion recovering from cyber incidents, up 50% from $600 million in 2021. [STATCAN]

In addition to financial loss, cyber incidents such as identity theft or cyber bullying, can result in significant mental stress and emotional strain, including feelings of embarrassment and shame.

With more than 70% of Canadians having experienced a cyber incident last year, leaving your digital assets and online IDs unprotected is no longer optional. With the right cyber insurance coverage, you can protect your assets and get access to experts that will help you respond and recover from a cyber incident.

What is the impact of a cyber incident?

A cyber incident is more than just an inconvenience. Whether you’re running a business or managing your personal life, a single attack can lead to financial loss, stolen data and a whole lot of stress. 

For businesses, that might mean downtime, reputational damage or costly recovery efforts. For individuals, it could mean identity theft, drained bank accounts or compromised accounts.

Nearly half (41%) of small businesses who were subject to a cyber attack, reported that it cost them at least $100,000 to recover from. [IBC]  Some of the consequences of a cyber incident include:

  • Financial losses
  • Loss of sensitive data
  • Business interruption
  • Legal fees and lawsuits
  • Reputational damage
  • Ransom demands
  • Network and device damage

Beyond financial costs, the stress and emotional burden of experiencing identity theft or being a victim of cyber bullying can be overwhelming and long-lasting. Some of the negative outcomes that individuals and families can face from a cyber incident can include:

  • Stolen funds and monetary loss
  • Identity theft
  • Lost personal and financial data
  • Cyber bullying
  • Social media account takeovers
  • Damaged phones and devices
  • Compromised accounts
  • Feelings of embarrassment and shame
VIEW THE GLOSSARY

Frequently asked questions about cyber insurance

Knowing how cyber insurance works can help you get the coverage you need to protect your personal and business assets.

Cyber insurance is a policy designed to help businesses and individuals mitigate the financial risks associated with cyber attacks, data breaches and other cyber-related incidents. It typically covers a range of expenses, including legal fees, data recovery and business interruption costs. 

Cyber insurance policies generally cover: 

  • Data breaches (including notification costs and identity protection for affected parties);
  • Business interruption due to a cyber incident;
  • Ransomware attacks (covering ransom payments and recovery efforts);
  • Cyber extortion;
  • Legal fees and regulatory fines;
  • Public relations to manage reputational damage; and
  • Data loss or corruption. 

Yes, small businesses are often targets of cyber attacks, and they can face significant financial harm from data breaches or system outages. Cyber insurance can help cover the costs of such incidents, even for businesses with limited resources. 

Cyber insurance is not required by law in most jurisdictions. However, certain industries (such as healthcare or finance) may have specific regulations that make it highly advisable or even required to have adequate coverage. Some clients or partners might also mandate that you have cyber insurance before doing business with you. 

The cost of cyber insurance varies widely based on factors such as the size of your business, the level of coverage you need, your industry and your company’s security posture. On average, small businesses might pay a few hundred to a few thousand dollars annually, while larger organizations can face higher premiums. 

The cost of cyber insurance is influenced by: 

  • The size of your business (more employees = higher premiums)
  • The nature of your operations (businesses that handle sensitive data may pay more)
  • Your cyber security practices (better security measures may lower premiums)
  • Your claims history (previous cyber incidents can increase premiums)
  • The scope of coverage you need 

Common exclusions in cyber insurance policies may include: 

  • Intentional acts (fraud or misconduct by employees or directors) 
  • Pre-existing vulnerabilities (incidents stemming from known vulnerabilities that weren’t addressed) 
  • Social engineering scams (in some policies, phishing and other fraud may not be covered) 
  • Physical damage caused by cyber attacks (this can be excluded in some policies) 
  • Unencrypted data (some insurers may exclude coverage if data wasn’t encrypted) 

To file a claim, you’ll need to: 

  1. Notify your insurer as soon as the cyber incident occurs, ideally within the time frame stipulated in your policy. 
  2. Document the incident (including evidence, such as logs, screenshots, or affected systems). 
  3. Work with forensic experts to determine the cause and impact of the breach. 
  4. Follow recovery and mitigation procedures as outlined in your policy, such as notifying affected parties or working with legal experts. 

Cyber insurance does not prevent cyber attacks but helps mitigate the financial and operational impact of an attack. However, insurers may offer resources, best practices, or even discounts for businesses that implement robust cyber security measures, such as multi-factor authentication or regular employee training. 

To choose the right cyber insurance policy, consider: 

  • Assessing your cyber risk by identifying the data you handle, the threats you face and the potential financial impact of a breach. 
  • Comparing policies to see which covers the risks most relevant to your business. 
  • Reviewing policy limits and exclusions to ensure adequate protection. 
  • Consulting with an insurance broker or expert who can guide you in finding the right policy tailored to your needs. 

 Learn how to choose the right policy here.

Unsure what cyber insurance policy is right for you?

Protection, prevention and peace of mind should be at the core of every good cyber insurance policy. 
LEARN HOW TO CHOOSE THE RIGHT POLICY