Skip to main content
Tabor AgencyTABORAGENCY
Get a Quote

Cyber Liability Insurance

Small businesses are now the primary target. One phishing email can cost six figures.

Get a Cyber Quote

What is cyber insurance?

Cybercrime has shifted decisively toward small and mid-size businesses precisely because they have weaker defenses and no response plan. Ransomware, phishing-driven funds-transfer fraud, and stolen customer data routinely cost small businesses six figures — between forensics, notification laws, system restoration, lost income, and liability. Many never recover.

Cyber insurance does two things: it pays those costs, and — just as important — it hands you a breach-response team the moment something happens: forensic investigators, privacy attorneys, notification services, and ransomware negotiators on call 24/7. If your business takes payments, stores customer information, depends on email, or runs on any software at all, this coverage has moved from optional to essential.

What it covers

  • Breach response: forensics, legal counsel, customer notification, credit monitoring, PR
  • Cyber extortion and ransomware — negotiation, payments where lawful, and restoration
  • Funds-transfer fraud and social engineering — wire payments tricked out of your team
  • Business interruption — income lost while systems are down
  • Data restoration and system recovery costs
  • Third-party liability — lawsuits from customers whose data was exposed, and regulatory fines/penalties where insurable
  • Payment card (PCI) fines and assessments

What it doesn't cover

  • Bodily injury and property damage (GL territory)
  • Loss of future profits or company valuation after an incident
  • Failures to maintain the security controls you attested to on the application (answer honestly)
  • Acts of war exclusions can apply to state-sponsored attacks — wording varies; we read it

Coverage components explained

1First-Party Breach Response

The 'first 72 hours' coverage: a breach coach (privacy attorney), forensic investigators, notification to affected individuals as state laws require, call centers, and credit monitoring. Notification laws apply in all 50 states, with deadlines.

2Cyber Extortion / Ransomware

Covers negotiation expertise, ransom payment where legal and approved, and the larger cost of restoring systems and data. Carriers' response panels deal with ransomware groups weekly — you don't want to improvise this.

3Cybercrime / Social Engineering

Covers funds transferred by your own employees after being deceived — fake vendor invoices, spoofed executive emails. This is the most frequent small-business cyber loss, and it often carries a sublimit. We negotiate that sublimit up.

4Business Interruption & Data Restoration

Replaces income lost while ransomware or an attack keeps you offline, and pays to rebuild data and systems — including, on better forms, losses from outages at your cloud providers.

5Third-Party Liability & Regulatory

Defends and pays claims from customers, partners, and regulators after a breach of data you held — including defense for state AG actions and insurable fines.

When you need cyber coverage

  • You accept credit cards or hold any customer personal information (names + emails count)
  • You pay vendors by wire or ACH — funds-transfer fraud is the #1 small-business cyber loss
  • Your operations depend on email, cloud software, or any computer system
  • You're in a regulated or data-heavy field: healthcare, finance, legal, retail, professional services
  • A client contract or vendor agreement now requires cyber coverage (increasingly standard)
Check My Coverage Options

Frequently asked questions

My business is small — would hackers really target us?

Small businesses are now the majority of cyber-attack victims precisely because attackers automate at scale and small firms have weaker defenses. Most incidents aren't targeted at all: phishing kits and credential-stuffing bots don't care about your size, and the average small-business incident runs well into six figures once forensics, notification, downtime, and recovery are counted.

What does cyber insurance cost?

For most small businesses, $1M of coverage runs roughly $500–$2,500 a year depending on industry, revenue, and security posture. Carriers now price heavily on controls — multi-factor authentication, backups, and email security can cut your premium meaningfully. We'll tell you which controls move the price before you apply.

We use cloud software for everything. Isn't security their problem?

Cloud providers secure their infrastructure — but you remain legally responsible for your customers' data, your employees still click phishing links, and your business still loses income when the provider goes down. Good cyber policies cover contingent business interruption from cloud outages; we check for it specifically.

What happens if we get hit with ransomware?

You call the carrier's 24/7 breach hotline and a response team takes over within hours: forensics to assess scope, a privacy attorney to manage legal obligations, negotiators if a ransom is in play, and restoration specialists. The coverage matters, but in the moment, the team matters more — that's what you're really buying.

Will my application answers affect claims?

Yes — carriers have denied claims where applicants attested to controls (like MFA) they didn't actually have. We go through the application with you carefully so every answer is accurate, and where a control is missing, we help you close it (which usually lowers the premium anyway).

Let's find the right cyber coverage for you

Answer a few questions and a licensed advisor will compare quotes across our carrier lineup — usually back to you within one business day.

Start My Quote(555) 014-7300