Cyber insurance: the long tail of post-incident recovery activities and expenses

by | Oct 14, 2020 | Market Trends


While it’s extremely important to make sure that a cyber insurance policy has sufficient coverage for business interruption (as well as contingent business interruption if the business warrants it), the hidden costs of a cyberattack reach far beyond this type of coverage. Even if a business owner is able to resume normal operations for the business, it’s likely that they will have to deal with regulatory fines, penalties, lawsuits from vendors and clients, and reputation issues for months if not years after the incident.

Cyber incident long tail

A PWC report on Cyber Insurance 2020 offered a fantastic representation of the long tail of a cyber incident, describing it as “long and unpredictable”, due to the many unknowns involved in the aftermath of a cyber incident. The report also makes note of the “increasingly interconnected and interdependent ecosystem” within which companies are operating, therefore impacting their partners, customers, and vendors through their cybersecurity activities. This is why all businesses need to subscribe to a cyber insurance policy which covers business interruption, reputational harm fees, regulatory penalties, and litigation expenses. Not only does Cowbell’s Prime 250 policy offer these types of coverage, but it also offers policyholders access to the Cowbell Breach Fund.

The Cowbell Breach Fund coverage provides a separate bucket of coverage, up to the aggregate limit of the policy, for notification costs, public relations costs, credit, and identification monitoring services, among other coverages. Although some insurance companies may offer business interruption coverage, they don’t have a breach fund which can step in to pick up the “unknown” costs after a cyberattack, which can be complicated and last for a long time. This can result in negative consequences for the policyholders, who may find themselves unprepared after dealing with a cyberattack.

As the PwC report discussed, “there simply isn’t enough data to estimate the further losses resulting from brand impairment or compensation payments to customers, suppliers and other stakeholders.” Due to this lack of thorough information, a business should plan for more than what it would estimate it would need in terms of cyber coverage. This is one way to ensure that even unforeseen costs have some coverage on the business’s cyber policy and that it can resume normal operations as it recovers from a cyber incident.  

For more information about the Cowbell Breach Fund, and Cowbell’s Prime 250 policy (built for businesses up to $250M in revenue), please contact us to get your agency appointed and to start offering the market’s premier cyber insurance coverage for small and medium-sized businesses.

Related Posts

Cowbell Blog

Grow your cyber IQ with our insights into cyber insurance, cyber risk, and cyber security.

Brand Guidelines and Logo Usage