Cyber Doc logo Cyber Doc
Cybersecurity Term

What is cyber insurance?

Insurance support for certain cyber incidents, usually linked to security controls and response requirements.

Risk & Compliance Last reviewed: 2026-05-20

← Back to Learn Centre

What is cyber insurance?

Cyber insurance is insurance designed to help with some costs and support needs after certain cyber incidents.

Simple example

A policy may help with incident response, legal support, recovery costs, or business interruption depending on the wording.

Why it matters

Insurance does not replace security controls. Many insurers expect reasonable protection and evidence of good practices.

Common warning signs

  • The activity is unexpected or unusual for the business context.
  • The request or system behaviour creates pressure to act quickly.
  • Normal approval, verification, or security processes are bypassed.
  • There are signs of unauthorised access, data exposure, or system change.
  • Staff are unsure whether the request, message, or system behaviour is legitimate.

Cyber Doc view

This term should be understood in business context, not only as a technical issue. Good protection usually combines clear processes, appropriate technical controls, staff awareness, and a calm response plan.

What to do

Proactive steps

  • Understand policy requirements and exclusions.
  • Keep security controls aligned with insurer expectations.
  • Document backups, MFA, patching, and response plans.
  • Review cover as the business changes.
  • Use assessments to identify gaps before renewal.

Reactive steps

  • Notify the broker or insurer according to policy requirements.
  • Preserve evidence and avoid unnecessary changes before advice.
  • Follow approved incident response processes.
  • Track costs and decisions.
  • Review lessons learned before renewal.

Related terms

  • Risk assessment
  • Incident response
  • Maturity assessment