Compliance

The Top 8 Cyber Insurance Brokers

As more providers enter the cybersecurity insurance market, who provides the most cover, the most complete service, and the best value for money?

The Top 8 Cybersecurity Insurance Brokers include:
  • 1. AIG CyberEdge
  • 2. Allianz Cyber Protect
  • 3. AXA XL Cyber Insurance
  • 4. Beazley – InfoSec
  • 5. Chubb Cyber Enterprise Risk Management
  • 6. Hiscox Cyber Insurance
  • 7. CyberRisk Insurance
  • 8. Zurich Cyber Insurance

The last five years have seen a drastic increase in the number of phishing and malware attacks. This is, in part, due to changes in work practices – with more people working from home permanently or operating a hybrid model, endpoints have become harder to secure. On top of this, advances in technology have made cybercrime more accessible than ever. For example, it is now easier to buy malware from the dark web meaning that people with very little technical skill are able to orchestrate advanced attacks. With the prospect of a cyber-attack so likely, it’s important that organizations are prepared to deal with the consequences of a breach. And one way in which they can do that is by investing in cybersecurity insurance.

While cyber insurance itself does not directly strengthen your security or make breaches less likely, it can put your organization in a better position to respond and recover once an attack has happened. The financial impact of a cyber-attack can be catastrophic – IBM calculated that the average total cost of a data breach was USD 4.35 million in 2021. That is a 12.7% increase compared to the previous year. Cybersecurity insurance can help cover these costs and ensure that your organization returns to normal business operations swiftly.

Before a provider will agree to cover you, they will conduct a risk assessment to ensure that you are taking steps to proactively reduce your risk of cyber-attack. They will expect you to have certain tools in place—such as email security, endpoint security, and a firewall—before they agree to extend cover to you. While this is an indirect consequence of cybersecurity insurance, it does ensure you are better protected. This “belt and braces” approach ensures your organization is robust and flexible when it comes to responding to cyber-attacks. 

In this article, we will cover some of the top US-focused cybersecurity insurance policies and providers. Once you have seen the broad trends and unique features of different providers, it is worth contacting the insurer directedly to ensure your policy is tailored and specific. 

AIG Logo

AIG is world-leading global insurance company that operates in over 70 jurisdictions and offers insurance for a range of industries. AIG use in-house cyber risk advisors to ensure that your organization is secure, and to resolve incidents if you do become the victim of an attack.

AIG CyberEdge Areas Covered:

  • Investigation of potential regulatory breaches
  • Cost of fines and penalties handed down by regulators
  • Payment Card Industry Data Security Standard (PCI-DSS) assessments
  • PR and customer notification while responding to cyber incident
  • Legal consulting and identity monitoring costs for victims of attack
  • Cyber event forensic investigation costs
  • Cost of restoring or gathering lost data
  • Business interruption and certain expenses
  • Reimbursement of ransom payment
  • CyberAcuView

Coverage Requirements: AIG compiles a comprehensive risk summary for each organization. This identifies your current level of risk (and compares this with peer organizations) – this includes the probability of suffering an attack and the expected loss if this were to occur.

Expert Insights’ Comments: AIG offer coverage up to $100m, with no minimum retention time, and organizations in North America receive additional tools and support services valued at $25,000. The company has also teamed up with CyberAcuView – a collaborative network to drive cybersecurity innovation which means that you’ll also benefit from advanced analysis of cyber related-data, compiled by seven of the largest cyber insurance firms.

Allianz Logo

Allianz is a trusted brand that provides insurance for a range of sectors, across over 200 countries. The US wing, which is headquartered in Minneapolis, has been operational since 1896. Their cyber security insurance ranks highly with A.M. Best, and S&P.

Allianz Cyber Protect Areas Covered:

  • Business interruption, be it due to technical faults, internal error, or regulatory orders
  • Contingent business interruption caused by third parties
  • Network security liability
  • Cyber extortion, including ransom demands from malware attacks
  • Breach liability
  • Internal investigation costs in response to regulatory request
  • PCI-DSS costs

Expert Insights’ Comments: Allianz Cyber Protect is a broad plan that can cover organizations in a range of scenarios – it is also flexible enough to ensure that you remain protected as risk and threat evolves. Each policy is bespoke and based on a full assessment of business systems and risk. With Allianz, you can be sure that your cover reflects the fast-moving world of cyber threat.

AXA Logo

AXA has teamed up with Accenture Security to provide world-leading cybersecurity insurance. Their cybersecurity insurance is built around three key principles: flexible coverage, proactive risk management, and customer-focused claims. From 2016 to 2020, AXA was named the best product innovator on Advisen’s Pacesetter index.

 AXA XL Cyber Insurance Areas Covered:

  • Business interruption and additional expenses
  • Data breach security and privacy liability
  • Loss / destruction of electronic assets
  • IT forensics
  • PR and notification costs
  • Regulatory defence and reimbursement of fines and penalties
  • Data restoration
  • Cyber extortion

Expert Insights’ Comments: AXA and Accenture’s inhouse expertise ensures that your network is secured, and the chance of an attack is minimized. This begins with a complete threat intelligence report that is written up for all prospective clients. Should an attack happen, Accenture guides you through the appropriate remediation strategy to minimize attack significance.

Beazley logo

Beazley – based in London with offices in LA, New York, and Atlanta – is one of the largest insurance firms that operates across the globe. As such, they are able to offer coverage for large organizations with considerable data security and exposure risks. In 2021, Beazley was named the best Cyber Risk Pre-Breach team and best overall Cyber Insurer, by Advisen, highlighting how they drive down risk, as well as providing cover for any attacks.

Beazley – InfoSec Areas Covered:

  • Legal services (regulatory defense and penalties)
  • Notification, PR, and crisis management
  • Credit and identity monitoring
  • Business interruption as a result of system failure or security breach
  • Cyber extortion loss
  • Data recovery
  • CyberAcuView

Expert Insights’ Comments: Beazley offers global coverage to multiple sectors – from healthcare to retail, hospitality and finance – making it the prime insurer for larger organizations that operate in multiple territories. They are a well-established and highly regarded insurer, meaning you can have peace of mind that your claims will be treated quickly and professionally.

CHUBB Logo

Chubb is a global insurance provider that specializes in several commercial areas. Their cybersecurity insurance is based around three principles: loss mitigation (to address cybersecurity risks before an event occurs); incident response (to restore service and limit exposure); and risk transfer (to provide a broad insurance base).

Chubb Cyber Enterprise Risk Management Areas Covered:

  • Business interruption caused by cyber-attack, human error, programming error or network security failure
  • Data loss
  • Legal costs, this includes contractual indemnity
  • Expenses incurred by regulatory investigations
  • Network or data extortion / ransomware
  • Liability due to PII breach
  • CyberAcuView

Expert Insights’ Comments: Chubb is a well-established cybersecurity insurer with over 20 years of experience. The cost of a premium is linked to risk profile and scope of coverage, which ensures your policy is appropriate for your organization. As of 2019, Chubb holds a 36% market share of the cyber insurance industry, making it one of the most trusted vendors.

Hiscox logo

Hiscox is an established insurer, with over 120 years’ worth of experience in the industry. Each year they produce a Cyber Readiness report that outlines current trends in network threats. Hiscox has made a concerted effort to serve the small business market, offering discounts to SMBs and new users.

 Hiscox Cyber Insurance Areas Covered:

  • Loss of income due to a data breach
  • Reputational damage cover
  • Forensic investigation (including data recovery and legal advice)
  • Customer and regulator notification
  • Equipment replacement if damaged during a cyber attack
  • Compensation during supplier or vendor downtime

Expert Insights’ Comments: Hiscox is a well-established insurer that frequently receives industry recognition and positive customer reviews. The fact that they cover loss of earnings due to supplier downtime is particularly significant, and not something that all insurers cover. Their policies are clear, easy to set up, with existing customers praising their claims process. Hiscox has developed the Hiscox Risk Academy – this is an online tool for assessing risk and training users in best practices and security awareness.

Travelers Logo

Founded in 1853, Travelers is a highly regarded insurance provider based in Minnesota. In response to the ever-evolving cyber landscape, Travelers has recently increased sub-limits to provide higher levels of cover against more expensive attacks. Travelers works closely with Symantec to understand risk and to offer security awareness training.

Travelers CyberRisk Insurance Areas Covered:

  • Cost of improving systems after a breach
  • Social engineering cover
  • Vendor or client payment fraud
  • Business interruption due to system failure or voluntary shutdown
  • Reputational damage
  • Accounting costs – a forensic accounting firm calculates the value of income lost

Coverage Requirements: Travelers works with NetDiligence, a cyber risk assessment and data breach services company, to conduct an in-depth review of your risk and exposure, then work with you to write an incident response plan (IRP). This will help you manage and coordinate your organization’s response to a cyber-attack.

Expert Insights’ Comments: Travelers is well regarded across the board. Their recent increase in sub-limits illustrates how Travelers is alert and responsive to the cyber insurance needs of organizations. Although Travelers covers a broad range of sectors, they are not looking to insure the health and defense sectors, but do provide specialized policies for technology companies, public entities and small businesses.

Zurich logo

Zurich North America is the US wing of Swiss-based Zurich Insurance Group. Zurich North America was established in 1998 and has quickly become a key player in the cyber insurance market. Over the last decade, they have paid out tens of millions of dollars in claims. Thanks to Zurich’s global connections, they are an experienced and robust insurer operating across a range of business cases.

Zurich Cyber Insurance Areas Covered:

  • Coverage limits up to $25M
  • Reputational damage costs
  • Business interruption expenses
  • Privacy data breach
  • Cover for PCI and GDPR fines and penalties
  • Regulatory proceedings defense costs

Expert Insights’ Comments: Zurich North America is a well-established provider, with a wealth of experience and expertise. A particular highlight is Zurich’s Resilience Solutions Cyber Risk Engineering specialists, who monitor the evolution of threats over time, ensuring that they can be effectively managed. Zurich’s specialists can help to device strategic roadmaps and incident response plans, ensuring that your network is secure.

Top 8 Cybersecurity Insurance Brokers