Skip to main content


Debunking the Misconceptions of Cyber Insurance

Cyber insurance forms an important part of an organisation’s overall cyber risk management strategies, encouraging the adoption of best practice security controls.

Man installing software in laptop in dark at night. Hacker loading illegal program or guy downloading files. Cyber security, piracy or virus concept.

Cyber insurance forms an important part of an organisation’s overall cyber risk management strategies1. To understand how and why incidents occur, analysis of cyber policy claims data has also been instrumental in encouraging the adoption of best practice security controls to prevent cyber-attacks. Though it has undergone some challenging times recently, the Cyber insurance market has positively begun to stabilise and interest in the comprehensive protection it can provide continues to be strong.

Unfortunately, there remains a misleading perception that Cyber insurance does ‘not pay’ or ‘does not respond as required’ to key cyber events, such as ransomware. Recently an article was published2 reporting that an Australian court found in favour of an insurer not being responsible for indemnifying a policyholder for ransomware clean-up costs, specifically “the costs of investigating the ransomware attack and preventing further effects of the attack” and “hardware replacement” costs. In this case, the claimant sought cover under a Crime insurance policy, not a specific stand-alone Cyber insurance policy3. This example demonstrates the importance of buying standalone Cyber insurance to ensure the broadest range of coverage for ransomware and other cyber incidents, rather than relying on non-Cyber insurances to respond.

Like any other insurance policy, Cyber insurance wordings represent a legal contract between the purchaser and the insurer offering the coverage. It clearly outlines what is or isn’t covered, and defines the parameters of an insured cyber event that will trigger insurance policy coverage. More broadly speaking, a Cyber insurance policy triggers as soon as there is a reasonably suspected insured cyber event, including ransomware, allowing a policyholder to access specialists to investigate what has happened without requiring absolute proof that an event has occurred before benefiting from incident response services.

Furthermore, Cyber insurance was never intended to provide cover for property damage; its focus has always been on intangible assets (data, software, systems). There is scope to extend the policy to cover specifically defined physical assets or devices if they become unusable. Still, in most instances, this needs to be negotiated on a case by case basis.

Ransomware is one of the top cyber threats facing companies. Continually building cyber resilience is key, and Cyber insurance continues to play an important role in this process. Should the transfer of cyber risk to the insurance market be part of the organisation’s goals in managing this key exposure, a stand-alone Cyber policy provides clear and dedicated protection.

This publication is not intended to be taken as advice regarding any individual situation and should not be relied upon as such. The information contained herein is based on sources we believe reliable, but we make no representation or warranty as to its accuracy. Marsh shall have no obligation to update this publication and shall have no liability to you or any other party arising out of this publication or any matter contained herein. Marsh makes no representation or warranty concerning the application of policy wordings or the financial condition or solvency of insurers or re-insurers. Marsh makes no assurances regarding the availability, cost, or terms of insurance coverage. LCPA: 22/368

Marsh Pty Ltd (ABN 86 004 651 512, AFSL 238983) (“Marsh”) arrange this insurance and is not the insurer. The Discretionary Trust Arrangement is issued by the Trustee, JLT Group Services Pty Ltd (ABN 26 004 485 214, AFSL 417964) (“JGS”). JGS is part of the Marsh group of companies. Any advice in relation to the Discretionary Trust Arrangement is provided by JLT Risk Solutions Pty Ltd (ABN 69 009 098 864, AFSL 226827) which is a related entity of Marsh. The cover provided by the Discretionary Trust Arrangement is subject to the Trustee’s discretion and/or the relevant policy terms, conditions and exclusions. This website contains general information, does not take into account your individual objectives, financial situation or needs and may not suit your personal circumstances. For full details of the terms, conditions and limitations of the covers and before making any decision about whether to acquire a product, refer to the specific policy wordings and/or Product Disclosure Statements available from JLT Risk Solutions on request. Full information can be found in the JLT Risk Solutions Financial Services Guide.”