This form should be useful
for documenting the differences among companies that offer cyber insurance
policies to medium to large entities. It can be used to record special endorsement
limits, exclusions, other improvements, or any restrictions that apply.
Using this chart is not a
statement of coverage; it is a tool to help you and your client understand key
differences. It is important to note that it will not highlight every
difference that could impact coverage.
|
COVERAGE
|
GENERIC
|
COMPANY A
|
COMPANY B
|
COMPANY C
|
|
Liability – Claims-made
|
No – ins agree 1
Yes – ins agree 2,3
|
|
|
|
|
All other – Discovery
|
Yes
|
|
|
|
|
INSURING AGREEMENT
|
|
|
|
|
|
Website publishing liability
|
Optional
|
|
|
|
|
Security breach
liability
|
Optional
|
|
|
|
|
Programming errors and
omissions liability
|
Optional
|
|
|
|
|
Replacement or
restoration of electronic data
|
Optional
|
|
|
|
|
Extortion Threats
|
Optional
|
|
|
|
|
Business income and
extra expense
|
Optional
|
|
|
|
|
Public Relations Expense
|
Optional
|
|
|
|
|
Security Breach Expense
|
Optional
|
|
|
|
|
LIMITS OF INSURANCE
|
|
COMPANY A
|
COMPANY B
|
COMPANY C
|
|
Policy aggregate limit
|
Yes
|
|
|
|
|
Insuring agreements aggregate
|
Yes
|
|
|
|
|
DEDUCTIBLE
|
|
COMPANY A
|
COMPANY B
|
COMPANY C
|
|
Dollar or percentage
|
Dollar
|
|
|
|
|
Liability deductible must be self-insured
|
Yes
|
|
|
|
|
Highest deductible for multiple
|
Yes
|
|
|
|
|
DEFENSE AND SETTLEMENT
|
|
COMPANY A
|
COMPANY B
|
COMPANY C
|
|
Duty to defend
|
Yes
|
|
|
|
|
Right to defend
|
Yes
|
|
|
|
|
Regulatory actions
|
Yes
|
|
|
|
|
Consent to settle
|
Yes
|
|
|
|
|
Consequences of not consenting to settle
|
Yes
|
|
|
|
|
EXCLUSIONS
|
|
COMPANY A
|
COMPANY B
|
COMPANY C
|
|
Acts of nature
|
Yes
|
|
|
|
|
War
|
Yes
|
|
|
|
|
Biological/nuclear release
|
Yes
|
|
|
|
|
Bodily injury/Property damage
|
Yes
|
|
|
|
|
Computer system failure
|
Yes
|
|
|
|
|
Lack of access to electronic data
|
Yes
|
|
|
|
|
Insufficient capacity
|
Yes
|
|
|
|
|
Activity overload
|
Yes
|
|
|
|
|
Network disruption
|
Yes
|
|
|
|
|
Power source
fluctuation
|
Yes
|
|
|
|
|
RICO violations
|
Yes
|
|
|
|
|
Satellite failure or
malfunction
|
Yes
|
|
|
|
|
Publishing false
material
|
Yes
|
|
|
|
|
Contract or agreement
|
Yes
|
|
|
|
|
Patent or trade secret
violation
|
Yes
|
|
|
|
|
Pollution
|
Yes
|
|
|
|
|
Prior claim or suit
|
Yes
|
|
|
|
|
Employment-related
practices
|
Yes
|
|
|
|
|
Wrongful acts prior to
retroactive date
|
Yes
|
|
|
|
|
Knowledge prior to
effective date
|
Yes
|
|
|
|
|
Prior policy claim
|
Yes
|
|
|
|
|
Criminal acts
|
Yes
|
|
|
|
|
Willful violations
|
Yes
|
|
|
|
|
Governmental/regulatory
action
|
Yes
|
|
|
|
|
Poor upkeep of computer
system
|
Yes
|
|
|
|
|
Insured vs insured
claim
|
Yes
|
|
|
|
|
Unintentional
entry-related E&O
|
Yes
|
|
|
|
|
Contract-related fines,
penalties
|
Yes
|
|
|
|
|
CONDITIONS
|
|
COMPANY A
|
COMPANY B
|
COMPANY C
|
|
Cancellation
|
Yes
|
|
|
|
|
Changes
|
Yes
|
|
|
|
|
Examination of
books/records
|
Yes
|
|
|
|
|
Inspections and surveys
|
Yes
|
|
|
|
|
Premiums
|
Yes
|
|
|
|
|
Transfer of rights and
duties
|
Yes
|
|
|
|
|
Subrogation
|
Yes
|
|
|
|
|
Bankruptcy
|
Yes
|
|
|
|
|
Representations
|
Yes
|
|
|
|
|
Changes in exposures
|
Yes
|
|
|
|
|
Other insurance
|
Yes
|
|
|
|
|
Legal action against
insurer
|
Yes
|
|
|
|
|
Separation of insureds
|
Yes
|
|
|
|
|
Duties in event of
claim or loss
|
Yes
|
|
|
|
|
Valuation settlement
|
Yes
|
|
|
|
|
Extended period to
discover loss
|
Yes
|
|
|
|
|
Extended reporting
periods
|
Yes
|
|
|
|
|
Confidentiality
|
Yes
|
|
|
|
|
Territory
|
Yes
|
|
|
|
|
Policy bridge –
discovery replacing sustained
|
Yes
|
|
|
|
|
DEFINITIONS
|
|
COMPANY A
|
COMPANY B
|
COMPANY C
|
|
Application
|
Yes
|
|
|
|
|
Business income
|
Yes
|
|
|
|
|
Claim
|
Yes
|
|
|
|
|
Computer program
|
Yes
|
|
|
|
|
Computer system
|
Yes
|
|
|
|
|
Cyber incident
|
Yes
|
|
|
|
|
Defense expenses
|
Yes
|
|
|
|
|
Discover
|
Yes
|
|
|
|
|
E-commerce
|
Yes
|
|
|
|
|
Electronic data
|
Yes
|
|
|
|
|
Employee
|
Yes
|
|
|
|
|
Extortion expenses
|
Yes
|
|
|
|
|
Extortion threat
|
Yes
|
|
|
|
|
Extra expense
|
Yes
|
|
|
|
|
Hacker
|
Yes
|
|
|
|
|
Informant
|
Yes
|
|
|
|
|
Insured
|
Yes
|
|
|
|
|
Interrelated wrong acts
|
Yes
|
|
|
|
|
Interruption
|
Yes
|
|
|
|
|
Loss
|
Yes
|
|
|
|
|
Named insured
|
Yes
|
|
|
|
|
Negative publicity
|
Yes
|
|
|
|
|
Personal information
|
Yes
|
|
|
|
|
Pollutants
|
Yes
|
|
|
|
|
Privacy regulations
|
Yes
|
|
|
|
|
Public relations
expense
|
Yes
|
|
|
|
|
Ransomware
|
Yes
|
|
|
|
|
Regulatory proceeding
|
Yes
|
|
|
|
|
Security breach
|
Yes
|
|
|
|
|
Security breach
expenses
|
Yes
|
|
|
|
|
Subsidiary
|
Yes
|
|
|
|
|
Suit
|
Yes
|
|
|
|
|
Third party
|
Yes
|
|
|
|
|
Virus
|
Yes
|
|
|
|
|
Wrongful act
|
Yes
|
|
|
|
|
ENDORSEMENTS
|
|
COMPANY A
|
COMPANY B
|
COMPANY C
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
