Cyber Liability Insurance

As an IASME certification body, TecSec Services can award you with Cyber Essentials/ Plus or IASME (self-assessment or Gold) , automatically making you applicable to recieve Cyber Insurance.

To be applicable for this insurance you have to meet the following requirements:

  • You must have a Head Office domiciled in the UK
  • The whole company must be included in the scope
  • Your business must earn less than £20m turnover.

What does the insurance cover?

Event Management

Costs to engage Legal, IT Forensics, Data Restoration, Reputational Protection, Notification Costs and Credit and ID Monitoring services following an actual or suspected breach of personal or corporate information, an IT security or system failure

Data Protection Obligations

Insurers will pay:

  • Defence Costs in respect of a Regulatory Investigation, and;
  • Any lawfully insurable Data Protection Fines that the Company is legally liable to pay in respect of such Regulatory Investigation with regards to a breach of Data Protection Legislation

Liability

Damages and Defence Costs arising from:

  • An actual or alleged breach of data
  • An actual or alleged security failure
  • The failure to notify a Data Subject and/or any Regulator of a breach of personal information in accordance with the requirements of Data Protection Legislation
  • An actual or alleged breach of duty by the Information Holder in respect of the processing information (for which the Company is responsible) on behalf of the Company

A major breach may well require more than the £25,000 cover. Higher limits of indemnity and extensions to the cover are available on request.

Insurance with Cyber Essentials – Frequently Asked Questions

If you suffer a data breach, hack or other cyber incident you should immediately contact the 24 hour helpline listed on your insurance schedule. The policy will provide crisis management and incident response services appropriate to your circumstances. Do not delay in reporting the incident as this could jeopardise the claim. Remember to keep a paper copy of your insurance schedule as you may not be able to access an electronic copy in the event of a data incident.

The insurance is provided by AIG. In the event of a claim they will appoint their specialist consultants to assist and advise you.

The name of the company insured is on your insurance schedule and should correspond with the company that has successfully been certified.

Your policy provides the following:

  • Event Management – Legal, IT Forensics, Data Restoration, Reputational Protection, Notification Costs and Credit and ID Monitoring services following an actual or suspected breach of personal or corporate information, an IT security or system failure
  • Data Protection Obligations – Insurers will pay Defence Costs in respect of a Regulatory Investigation, and any lawfully insurable Data Protection Fines that the Company is legally liable to pay in respect of such Regulatory Investigation with regards to a breach of Data Protection Legislation
  • Liability – Damages and Defence Costs arising from: An actual or alleged breach of data, an actual or alleged security failure, the failure to notify a Data Subject and/or any Regulator of a breach of personal information in accordance with the requirements of Data Protection Legislation, an actual or alleged breach of duty by the Information Holder in respect of the processing information (for which the Company is responsible) on behalf of the Company

The insurance provided with certification gives you a £25,000 limit of indemnity. If you require a higher limit contact us at info@tecsec.co.uk or 0114 223 8000.

The cost of additional covers will depend upon what cover you want, the limit of indemnity you require and the nature of your business. To discuss options contact info@tecsec.co.uk or call 0114 223 8000.

Full details of what is and is not covered can be found in your policy wording. Some of the things that are not covered include: Business Interruption, Phone Phreaking, Outsourced Service Providers, Social Media, Ransoms and money that may have been stolen from you or defrauded from you. If you would like insurance to cover these aspects please contact info@tecsec.co.uk or call 0114 223 8000.

If you already have cyber insurance the policy provided with your certification becomes inoperative. There is no refund or discount.

Companies with a turnover above £20m are not eligible for the automatic insurance. If you would like to discuss options or would like a quote please contact info@tecsec.co.uk or call 0114 223 8000.

Only companies domiciled in the UK are eligible for the insurance. UK subsidiaries may be considered, contact info@tecsec.co.uk or call 0114 223 8000.

The policy starts from your certification and lasts 12 months, the exact dates will be on your insurance schedule. If you wish to maintain your insurance beyond that date you will need to renew your Cyber Essentials certification with IASME or one of their CBs. If you do not renew your certification then you may purchase Cyber Insurance from your insurance broker or through us by contacting info@tecsec.co.uk or  0114 223 8000.

The policy is connected to your Certification and cannot be renewed on its own. To maintain cover you will need to renew your Certification or take a separate stand-alone cyber insurance policy.

When you complete the Cyber Essentials assessment there is an option to opt out of the insurance. This does not affect the cost.

Contact info@tecsec.co.uk or call 0114 223 8000.

Being compliant to Cyber Essentials has been shown to significantly reduce the likelihood and severity of a data breach however, the risk still remains, especially if there is an accidental or deliberate internal breach or a concerted external attack. The presence of cyber insurance will provide vital incident response services and costs in your hour of need. The insurance provided with certification gives you £25,000 limit of indemnity so you may want to purchase a higher limit of cover in case you suffer a severe breach.