Essential protection and recovery from cyber incidents
Cyber risk represents an escalating threat to UK businesses. It underscores the need for protection that is both comprehensive and supported by a trusted, reputable brand.
By partnering with Marsh Commercial, you gain access to robust, data-driven insights, and proven reliability. Most importantly, you'll gain the confidence that comes from working with a team deeply knowledgeable about your complete risk profile. This includes your digital assets and network security.
You can be confident that we offer comprehensive support - from risk management to insurance solutions. We can help your business effectively reduce cyber risk, mitigate security failure, and protect affected parties from the consequences of cyber incidents. Our cyber cover is designed to safeguard your computer system, sensitive customer information, and other critical digital assets, while minimising reputational harm.
Do I need cyber insurance cover?
Hostile cyber activity is becoming more frequent and sophisticated than ever before. Over the past year, UK businesses faced an astonishing 7.7 million common cybercrimes. This included malicious attacks and cyber terrorism, impacting nearly half of all companies.¹ These reports are from businesses just like yours, of all sizes from micro-businesses to SMEs and larger corporations. The response from each company depended heavily on how prepared they were and the strength of their cyber resilience strategy and cyber incident response plan.
While most cyber insurance policies provide essential protection, the best defence comes from clear business processes and policies. Having a strong security culture embedded across your organisation is also important. Marsh Commercial and its partners provide a range of solutions to help your business enhance risk management and lower the risk of cyber threats.
Our specialist team and claims team are experienced in handling incidents involving privacy liability, legal costs, legal expenses, and other related costs. We also support you with crisis communication and access to professional services to manage the aftermath of an attack. This includes credit monitoring and recovery of your sensitive customer data.
Secure the future of your business today
Our dedicated team are ready to help you navigate cyber risk with personalised advice and customised insurance and risk management solutions crafted specifically for your business.
Cyber liability insurance can cover
-
business interruption and lost revenue
-
cyber extortion
-
data and hardware restoration and repair
-
data breach notification services
-
employee training
-
first and third-party costs
-
forensic services
-
fraudulent representation and legal fees
-
incident preparation and response support
-
regulatory defence and penalties
Our cyber insurance work includes coverage for losses caused by malicious software attacks and social engineering scams that target your IT systems. We also provide protection for defence costs related to regulatory investigations and legal proceedings outlined in your policy documents.
For example, if your service provider suffers a breach that impacts your business, our coverage can extend to support the parties affected.
Why work with Marsh Commercial?
As an established and trusted global risk advisor, Marsh has offered cyber insurance work and risk management solutions for over 25 years. We have large, dedicated cyber teams working globally and locally here in the UK. Most importantly, our brokers understand how cyber risk intersects with other critical areas like Material Damage, Business Interruption, and Directors & Officers. We ensure your coverage is comprehensive and aligned with your overall risk profile.
Our approach includes working closely with your service provider and internal teams to ensure your IT systems are protected and that all parties affected by a cyber incident are supported.
Secure the future of your business today
Our dedicated team are ready to help you navigate cyber risk with personalised advice and customised insurance and risk management solutions crafted specifically for your business.
Cyber insurance FAQs
A
Cyber liability is a type of insurance coverage designed to protect individuals and businesses from financial losses and liabilities resulting from cyber-related incidents. These incidents can include
- data breaches
- hacking attacks
- ransomware
- identity theft
- Other forms of cybercrime.
Cyber insurance policies typically cover costs such as:
- legal fees
- notification expenses
- data recovery
- business interruption losses
- damages related to privacy breaches.
Cyber insurance as part of a robust cyber resilience plan helps organisations manage the risks associated with operating in a digital environment.
A
Cyber insurance provides financial protection against losses and liabilities resulting from cyber incidents such as phishing, ransomware and data breaches. It typically covers costs related to:
- data breach notifications
- legal fees
- regulatory fines
- business interruption
- ransomware payments
- forensic investigations
- data recovery
- crisis management.
Insurance helps businesses manage the financial impact of cyber risks and supports recovery efforts to minimise disruption and reputational damage. Coverage can vary, so it’s important to work with the right broker to find a policy that fits the specific needs of your business.
A
Cyber insurance generally doesn’t cover losses resulting from:
- intentional or fraudulent acts by the insured
- physical damage to property
- bodily injury unrelated to cyber events
- or incidents known prior to the policy start date.
It also typically excludes costs for improving security measures, losses due to war or terrorism, and sometimes cryptocurrency theft unless specifically included. Additionally, contractual liabilities and certain regulatory fines may not be covered. Coverage exclusions can vary by policy, so it’s important to work with an experience broker and carefully review the terms to understand what is and isn’t included. Your Marsh advisor will ensure you get the right policy for your business.
A
While cyber insurance is important, it’s just a single element of a robust cyber resilience plan. A strong cyber resilience plan begins with robust risk management tailored to your business needs. This includes clear business processes, policies, and a strong security culture embedded across your organisation.
A
Yes, many cyber policies include coverage for ransomware attacks that involve ransom payments or extortion expenses. However, some insurers are starting to limit of exclude ransom payment coverage due to the rise in ransom costs. In some cases, policies might have sub-limits specifically for ransomware, exclusions for certain attack types or requirements for cybersecurity measures to quality for coverage. It’s important to carefully review the terms, limitations, and exclusions of any cyber policy regarding ransomware coverage – this is something your broker can help with.
A
Any business which relies on technology to operate or store data is at risk of cyber attack. 43% of businesses and 30% of charities reported a cyber security breach in the last 12 months. Cyber incidents involving large, well-known brands are more likely to make the headlines, but businesses of all sizes are at risk and need a robust resilience plan. A business may be more vulnerable than others due to the sensitivity of the data held, or underlying weaknesses that create opportunities for attackers.
Cyber liability insurance not only covers your liabilities following an attack, it also springs into action as soon as the incident occurs, helping you to reduce the damage.
A
Phishing attacks are still the most common cyber security breach, experienced by 85% of businesses and 86% of charities that reported a cyber incident in the last 12 months.
The second most common breach reported was others impersonating your organisation or staff (in emails or online). Breaches like this happen in result of human error, highlighting the importance of staff training forming part of your overall cyber resilience strategy.1
Other common cyber risks include:
- Malware
- Ransomware
- Hacking of website, social media accounts or bank accounts
- Unauthorised access of files (by staff or people outside your organisation).
A
If your business was to experience a cyber incident, either malicious or accidental, there will be an impact and consequences to your business. The impact could include:
- Non-physical – confidentiality issues/integrity issues/availability issues
- Physical – property damage/bodily injury.
Leading to the following consequences:
- Loss of income
- First-party costs
- Third-party liability
- Fines and penalties
- Extortion demands
- Negligence in services
- Shareholder litigation.
A
How much your cyber insurance costs will depend on several factors including:
- the nature of your business
- your annual revenue
- the types of data that you hold.
There are cyber policies to fit businesses of all sizes and sectors, so get in touch to discuss what works for your business.
A
A strong cyber resilience plan begins with robust risk management tailored to your business needs. While cyber insurance is important, the best protection comes from clear business processes, policies, and a strong security culture embedded across your organisation. Marsh provides a range of solutions to help your business enhance risk management and lower the risk of cyber threats.
A
In the event of any kind of cyber security breach, reach out to your Marsh advisor for immediate support. Resilience and recover can depend on preparation, coordination and execution. When the pressure is on, a response plan can make all the difference. See our checklist for business resilience.
