Cyber Liability

What is Cyberliability?

The term “cyberliability” is one that has evolved over the past decade. There were policy

forms called cyberliability insurance in the past that were written as professional liability

policies for companies providing a wide variety of computer hardware and software

services. Many of those forms included coverage for the company’s own website design, content and services. The somewhat vague term “cyberliability” has stuck, yet the coverage has grown and is now available for many other industries – not just technology providers.


Modern definition of cyberliability policy can include some or all of the following:


  • Privacy Liability (Covers loss of personally identifiable employee and customer


  • Security Liability (Covers failure to prevent the entrance or spread of a virus/hacker


  • Website Media Liability (Covers libel, slander and copyright infringement from your

website content.)

  • First Party Cyber Extortion (Covers expenses to respond to a threat to harm or release

your data as well as cover ransom payments if necessary.)

  • First Party Privacy Breach Response (It is common to sublimit the coverage to an

amount lower than the annual aggregate limit.)

  • First Party Business Interruption and Data Recovery Extra Expense
  • Regulatory Defense and Penalty

Privacy & Security Quick Reference Guide


Third Party Liability Coverage

Security – Failure of network and information security to prevent the transmission of computer

viruses or the penetration of a hacker.

Privacy  – Failure to protect private or confidential information.

Media/Content – Libel, slander, and other forms of disparagement, etc. with respect to display of

material online as well as infringement of a copyright by your website content.

Regulatory Actions – Regulatory actions brought by state or federal agencies to enforce privacy regulations.


First Party Coverage

Business Interruption – Interruptions in business due to breaches of a company’s network (e.g. denial of

service attack).

Crisis Management – Expense of retaining a public relations firm to help mitigate damage to the insured’s reputation and brand image (typically sub-limited).

Extortion/Threat Expenses – Costs to investigate, negotiate and settle threats made against the insured related to intentional computer attacks.

Privacy – Expenses for breach response services such as notification, credit monitoring and

identity/credit repair.