Understanding Cyber Incidents and Cover

Cyber incidents come in many different forms, from privacy breaches and extortion demands to denial of service attacks and malware outbreaks.

The most common types of incidents that insurers handle include ransomware attacks, business email compromise and data breaches. Each of these events requires a specialised technical approach.


Ransomware is a type of malware which encrypts your data until you pay a ransom for its return. Increasingly common, ransomware attacks can seriously impair your ability to operate and result in significant business interruption losses.

If your systems are locked down, the insurer’s incident response team will draw on their experience in dealing with extortion demands, advise you of your options, investigate the extent of the infection, and help you decrypt and restore your systems and data.

Business Email Compromise (BEC)

BEC happens when a fraudster gains access to your business email account, usually by using credentials they have found on the dark web. Once in, the attacker can reroute emails, fake invoices and more, most often resulting in lost funds through wire transfer fraud.

If your business email account is compromised, insurance specialists will first attempt to halt the transfer of funds if the insurer’s Claims Department has been notified in time. They will also identify the origin of the compromise, remediate any systemic concerns, and help ensure your accounts are usable and secure again

Data Breach

Almost all businesses collect or store data electronically, whether customer information, employee records, valuable intellectual property or something else. Not only is this data critical to running your business, it is also often subject to privacy laws.

If you discover that your data has been lost or stolen, the insurer’s incident response team and global network of legal partners will help you determine what led to the breach and whether you must – or should – notify customers and regulators. If notification is advised, Underwriters will help you work with all the necessary parties, from privacy lawyers to PR consultants, to make sure this process is as smooth as possible.

The Process

In association with one of our Cyber Insurance providers, CFC Underwriting, we propose to deal with any Cyber claims or incidents in the most thorough way for you. Whatever type of cyber event you suffer, you can expect an organised and efficient response from our team, from triage through to remediation.

  1. Triage

After you notify us of a cyber incident, a technical expert will call back to triage, contain, and marshal the right specialists within the team.

  1. Forensics

Next, the insurer and our team will work with key stakeholders in your business to investigate the root cause and extent of the incident and provide recommendations for recovery.

  1. Recovery

If systems are down, a business recovery team will then step in to get you fully operational again by helping to remove malicious malware and recover critical data. 

  1. Remediation

Once you’re fully back up and running, your claim will be handed over to the insurer’s claims adjusters, who we will work with on your behalf, to arrange final settlement.

Risk Management Services

A cyber policy is more than just words on paper; we can help you to prevent, detect and respond to cyber events using a wide range of free tools from our insurers’ partners.


Phishing-focused training is an eLearning tool that tackles the human vulnerabilities in your business, equipping your team to identify and prevent phishing attacks and other social engineering campaigns.

Cyber risk awareness videos offer a large library of cyber risk awareness videos that cover a variety of scenarios, from wire transfer fraud to cryptojacking.


Cyber risk rating reports can review your company’s internet presence and provide you with a cyber security rating, allowing you to benchmark yourself against other businesses.

Breach monitoring services are also available to continually search the dark web for information specific to your organisation, alerting you in real-time to possible breaches of your data.


CFC’s incident response team delivers a unique toolkit combining multiple templates and practical advice to help you produce a tailored incident response plan in case the worst happens. By building a robust plan, you can effectively reduce the impact of a cyber event and ensure all appropriate parties are engaged at the right time and in the right way.

We hope we have been able to highlight the importance of cyber insurance here, by explaining some of the most common incidents that can occur. Contact us at enquiries@mcclarroninsurance.com or on 01653 697055 if you would be interested in a no obligation quote – quote code Cyber20 for a complimentary review.

More Stories