In this digitally driven age personal cyber security insurance is a relatively new industry that is just breaking ground in the UK. Personal cover is now being offered in the UK by companies such as Chubb, NFU Mutual, Hiscox and while providers across Europe are also beginning to emerge.

The insurance industry sees personal cyber security as one fastest growing insurance lines in the world and collectively say they are offering ‘great products’ that provides practical expert support as well as a financial safety net in case of disaster.

But what exactly is personal cyber security insurance and is it worth it?

In general insurers are providing coverage in the following areas:
  • Cyberattacks –covering the costs to restore or replace a computer system and retrieve personal digital assets, such as music, photographs and video.
  • Ransomware - expenses and ransom monies reimbursed as a result of ransomware and cyber extortion.
  • Identity theft – cover for the costs and services incurred as a result of actual or suspected identity theft.
  • Cybercrime – reimbursing lost money as well as costs and charges incurred following credit card fraud or a phishing attack.
Some insurers also offer coverage for restoring smart devices and wearables if they become corrupted, damaged or altered by a cyber-attack.

Other policy features include
  • Access to helplines
  • Approximately 24 hours of advice to investigate email fraud and cyber theft
  • Legal support for cases of online bullying and harassment
  • Proactive monitoring of accounts and alerting customers to data breaches.
We suspect in this latter case that the premium would be relatively high given that proactive monitoring is resource intensive and is likely outsourced to a Secure Operations Centre.
  • Policies clearly differ though. For instance some insurers say their policies offer a total of up to £50,000 a year cover. This of course sounds very generous but you need to break down the policy to see what is actually being offered. In this case the firm says it provides “up to up to a maximum £1,000 in the period of insurance” for identity theft.
We know of cases in which identity theft losses have ran into tens of thousands of pounds. And if your identity is stolen you may also find it difficult to get loans, credit cards or a mortgage. That said insurance policies do offer a provision to address the wider implications of identity theft, such as investigating the ramifications and contacting the relevant organisations on your behalf. This is covered in the ’24 hours of advice’ that is part of many policies.

Some insurers also say that payments following a ransomware attack should be ‘reasonable’ which of course is open to interpretation and may not reflect the true cost.
  • If you are considering taking out a policy it’s important to establish whether a policy covers victims who have been defrauded via bank transfer scams. These scams have been particularly rampant in the past few months with victims fooled into thinking they are talking to bank reps, or even the police, and then persuaded to transfer their funds to another bank account.
The following points also need to be considered:
  • Terms and definitions - There is not a universal language when it comes to cybersecurity. This can be an issue with some policies because the insurer and the insured might have different understandings of the same terms. In some cases, these mistakes are innocent and in others, the insurer is intentionally vague. As such it’s important to understand exactly what is or is not included in coverage in order to accurately establish the level of protection.
  • Exclusions - Most insurance policies exclude or invalidate coverage if certain terms or conditions are met. For instance, policies typically do not cover attacks carried out by terrorists. Understanding exclusions is important because minor details could compromise coverage completely.
  • Security requirements - Cybersecurity insurance policies require policyholders to maintain specific levels of protection and maintain baseline levels of security. If these thresholds are not met it could potentially invalidate a claim.
With regards to ‘baseline levels of security’ you will need to have good antimalware security such as BullGuard Internet Security 2021.

That said BullGuard Premium Protection 2021 provides the same levels of advanced multi award-winning protection along with identity protection too. ID information is often stolen from companies that hold customer information in their databases. There is little you can do about this, but if this does happen BullGuard identity protection alerts you as soon as your data appears on website and dark web forums where stolen data is traded.

In fact, both will protect you against malware, including ransomware, thanks to dynamic machine learning and other innovative security layers, as well as identifying phishing mails that contain malware and websites that hide malicious links.

We don’t want to dissuade you from taking out personal cyber security protection, it can be helpful and if it gives you peace of mind then it is invaluable. But we believe if you are cyber security savvy, know how to detect phishing mails, can identify bank transfer scams and are using the right software, alongside a VPN, you will be well protected as it is. That said, personal cyber security insurance is a relatively new but growing industry and is only going to get bigger. As such you may want to get in early before the price of policies begins to rise.