Whatever your company size, Chubb can provide innovative cyber insurance solutions. Our core cyber insurance products can be customized to fit your unique needs to minimize gaps and offer exceptional protections.
CHUBB CYBER PRODUCTSCyber incidents can impact any company, regardless of size and industry, and traditional insurance policies may be inadequate to respond to cyber exposures. Cyber ERM is the insurance solution to fill these gaps and provide affirmative protection for cyber, privacy and media exposures.
Target Clients
Any size organization that manages sensitive customer or employee information, third party corporate information, a computer network or a website.
Product Features
See below for all the Cyber Insurance features
DigiTech® ERM provides technology companies with an insurance solution to address technology errors and omissions, media, and cyber exposures on one insurance policy and reduce potential coverage gaps.
Target Clients
Commonly targeted technology companies:
Software and system developers
Companies that develop off-the-shelf or customized computer software products, including dedicated tech industry consultants and integrators, value-added re-sellers, independent software vendors, system integrators and distributors.
Technology services and consulting
Companies that provide information technology services to other organizations, such as computer systems design, data warehousing, programming and integration, training and IT, and consulting services.
Electronics and hardware manufacturers
Companies that design, manufacture or distribute everything from computers and peripherals to communications.
Product Features
All the features of Cyber ERM summarized below, plus the following:
Pro ERM SM provides professional services firms of all sizes with an enterprise risk management solution to address professional, media and cyber exposures in one insurance policy – and reduce potential coverage gaps.
Target Clients
Available to non-licensed professional services firms of all sizes, but commonly targeted firms include associations, consultants, business process administrators, event planners, interior design firms, graphic design firms, marketing and public relations firms, printers and document management firms, staffing firms, travel agents, and trustees.
Product Features
All the features of Cyber ERM summarized below, plus the following:
Cyber incident response fund — Legal fees, forensics, notification costs, credit monitoring, public relations
Business interruption — Loss of net profits and continuing operating expenses from interruptions of insured’s systems; and with contingent business interruption, adds losses due to interruption of outsourced technology provider’s systems
Digital data recovery — Costs to restore or replace lost or damaged data or software
Network extortion — Reimburse extortion payments and negotiation expenses
Cyber, privacy and network security liability — Liability for failure to protect private or confidential information of others or failure of network security
Payment card loss — Contractual liabilities owed to payment card industry firms because of a cyber incident
Regulatory proceedings — Defense for regulatory actions and coverage for fines and penalties, where insurable by law
Media liability — Liability following defamation or copyright and trademark infringement onlinecosts
Computer fraud — Third party accessing insured’s computers to take money
Funds transfer fraud — Third party tricking a bank into transferring funds from insured’s account
Social engineering fraud — Third party tricking an employee into transferring money
As our dependence on technology continuously grows, so do the frequency, severity, and sophistication of cyber incidents. Chubb addresses growing cyber risks with a flexible and sustainable approach for policyholders. From coverage for widespread cyber catastrophes to rewarding good software security practices, Chubb addresses cybercrime evolutions with insurance innovations.
Widespread Event Endorsement
With the world becoming increasingly digitized and interconnected, widely used software programs, communication platforms, and technology platforms are leveraged and often relied upon by the vast majority of companies. A single attack upon and/or failure of one of these widely used platforms or technologies could create an aggregation risk that exceeds the insurance industry’s capacity to insure. In an effort to provide policyholders with coverage clarity and market stability, we provide affirmative and specific limits, retentions and coinsurance for widespread events. Learn more
Ransomware Encounter Endorsement
Ransomware attacks have grown dramatically in both frequency and severity. The loss to policyholders is far broader than just the value of the ransom amount. Whether the ransom is paid or not, policyholders often incur legal costs, forensic investigatory expenses, business interruption loss, digital data recovery costs, and potentially liability and legal defense costs. The ransomware encounter endorsement allows for tailoring of coverage limits, retention, and coinsurance for losses incurred as the result of a ransomware encounter.
Neglected Software Exploit Endorsement
Keeping software up to date is an important aspect of good cyber risk hygiene. Many losses can be prevented by patching vulnerable software before cyber criminals have an opportunity to exploit it, but some organizations may not patch software right away. Sometimes there are legitimate reasons why software updates need to be tested before being rolled out – and compatibility, capacity, or simple logistics issues may prevent even a well-run information security organization from deploying patches within the first day or week after they become available. Learn more
For policyholders that lack strong patch management hygiene, Chubb may address this risk by adding the neglected software exploit endorsement. This endorsement provides policyholders with a 45-day grace period to patch software vulnerabilities that are published as Common Vulnerabilities and Exposures (CVEs) within the National Vulnerability Database operated by the U.S. National Institute for Standards and Technology (NIST). After the 45-day grace period expires, there is risk sharing between the policyholder and insurer incrementally shifting to the policyholder, who takes on progressively more of the risk if the vulnerability is not patched at the 45-, 90-, 180-, and 365-day mark.