skip to main content

Unfortunately, many companies don’t realize that it’s no longer a matter of if or even when, but how – how will your data be breached? When that happens, you’ll need comprehensive protection from an insurer that specializes in handling cyber risks, offers a full suite of integrated insurance solutions to help minimize gaps in coverage, and understands how to tailor coverage to your business.

Coverage Highlights


  • Backed by Chubb’s extensive experience – we wrote our first cyber policy in 1998 insuring cyber risks
  • Chubb’s Cyber Risk Management division provides Cyber policyholders with access to loss mitigation and incident response services to assist you before, during, and after an incident occurs
  • Reimbursement for a percentage of the cost of qualified cyber loss prevention services for specialized cyber attorneys, vendors, and service providers (where permitted by law)


Coverage Part Highlights:

  • Comprehensive cyber liability (third-party) and expense (first-party) coverage
  • Broad definition of Record, including:
    • Private information as defined by law
    • Business and proprietary information in the care, custody or control of an organization or a third-party service provider performing processing, storage, or hosting services for an organization
    • Other non-public information provided to an organization pursuant to a written confidentiality or non-disclosure agreement
  • Exception to the war exclusion for cyberterrorism
  • Insured can waive subrogation rights prior to a wrongful act; Chubb has no subrogation rights against the insured
  • Coverage is non-cancelable (other than non-payment of premium) and non-rescindable by Chubb

Cyber Liability Coverage:

  • Privacy liability, including coverage for claims alleging actual or potential unauthorized access to private information, failure to comply with an organization’s publicly stated privacy policy, failure to notify people in a timely fashion about unauthorized access to their private information, and release of information due to unauthorized access into a system operated by an organization or third-party service provider
  • Conduit liability, including claims arising from system security failures in an insured’s or third-party service provider’s system that result in systems being impaired or unavailable
  • Impaired-access liability, including claims arising from a system security failure resulting in a company’s system being unavailable to its customers
  • Privacy regulatory action coverage, including regulatory action defense costs, fines, penalties, and consumer redress funds associated with actual or potential privacy liability

Cyber Expense Coverage:

  • Privacy notification expenses even if the notification is voluntary on the part of the insured (with an alternative limits of liability or number of affected persons approach, which is outside the limit of liability)
  • Crisis management and reward expenses, including the cost of forensic and public relations consultants
  • E-business interruption and first-dollar extra expense
  • E-threat, including the cost of a professional negotiator and ransom payment
  • E-vandalism expenses, even when the vandalism is caused by an employee

Optional Coverage:

  • Payment card industry assessments
  • Service provider e-business interruption and extra expense (for companies that outsource)

Related Materials