Skip to contentNerdwallet icon
NerdWallet Icon

Save up to 30% on business insurance

NerdWallet Small Business helps you get realtime quotes from 30+ insurers, and instant access to your Certificate of Insurance (COI) through our partner, Coverdash.
Get Instant Quotes
Paid Insurance Header Image
ON THIS PAGE
  • Best business insurance companies
  • What is cyber insurance?
  • What does cyber insurance cover?
  • What does cybersecurity insurance exclude?
  • Which businesses need cybersecurity insurance?
  • How much does cyber insurance cost?
  • How much cyber insurance coverage do you need?

Logo iconJump to

Best business insurance companies
What is cyber insurance?
What does cyber insurance cover?
What does cybersecurity insurance exclude?
Which businesses need cybersecurity insurance?
How much does cyber insurance cost?
How much cyber insurance coverage do you need?

Best business insurance companies

Cyber Insurance: What It Is, Best Options

Updated Feb 20, 2026

Check mark icon

Expert verified

Rosalie Murphy profile picture

Written By Rosalie Murphy

Lead Writer & Content Strategist

+ 1 more Chevron icon

Ryan Lane profile picture

Edited by Ryan Lane

Managing Editor

Cyber insurance protects businesses against the financial losses that follow data breaches, hacking, ransomware extortion payments and more. If your small business stores sensitive information online or on a computer, you should have at least some cyber insurance coverage.
Some insurers offer data breach insurance as an add-on to a business owner’s policy, or BOP. That’s a good choice for most customer-facing small businesses. If you need more comprehensive coverage, you can buy an individual cyber insurance policy.
Here's what cybersecurity insurance covers and where you can get it.

Chubb

Best for Overall cyber insurance policy

Chubb

Chubb

Best for Overall cyber insurance policy

5.0

 
Read expert review

Pros

  • Simple online shopping experience that most businesses can likely complete in a few minutes.
  • BOP includes business interruption and extra expense coverage.
  • Fewer complaints than expected about liability coverage and far fewer than expected about property coverage.

Cons

  • If you have more than $2 million in annual revenue, you'll need to talk with an agent or shop elsewhere.
  • Can’t get commercial auto insurance online.
Compare my rates
Chubb’s Cyber ERM (Enterprise Risk Management) policy can help protect your business finances in the face of lots of different costs. It covers ransom payments, data recovery, customer notification and legal defense costs, if any. Plus, it can also pay out to help make up for the income your business loses while it recovers. You may be able to purchase a policy online.
Read full review
  • General liability insurance.
  • BOP.
  • Business property insurance.
  • Business interruption insurance.
  • Professional liability insurance.
  • Umbrella insurance.
  • Workers’ comp.
  • Cyber insurance.
Chubb’s Cyber ERM (Enterprise Risk Management) policy can help protect your business finances in the face of lots of different costs. It covers ransom payments, data recovery, customer notification and legal defense costs, if any. Plus, it can also pay out to help make up for the income your business loses while it recovers. You may be able to purchase a policy online.
Read full review
  • General liability insurance.
  • BOP.
  • Business property insurance.
  • Business interruption insurance.
  • Professional liability insurance.
  • Umbrella insurance.
  • Workers’ comp.
  • Cyber insurance.
Chubb’s Cyber ERM (Enterprise Risk Management) policy can help protect your business finances in the face of lots of different costs. It covers ransom payments, data recovery, customer notification and legal defense costs, if any. Plus, it can also pay out to help make up for the income your business loses while it recovers. You may be able to purchase a policy online.

The Hartford

Best for Adding cyber insurance to a BOP

The Hartford

The Hartford

Best for Adding cyber insurance to a BOP

4.5

 
Read expert review

Pros

  • Fewer complaints than expected filed with state regulators about both liability and property insurance.
  • You can add data breach, professional liability and business income for off-premises utility service coverage to The Hartford's business owner's policy.
  • You can add an additional insured and request a certificate of insurance online.

Cons

  • No coverage available in Alaska or Hawaii.
  • Not all businesses can get a quote online.
Compare my rates
The Hartford allows you to tack data breach insurance onto a business owner’s policy or general liability insurance policy. Its cyber coverage can help cover the costs of notifying your customers of the hack, investigating what happened and defending your business in court, if necessary. Do you need technology errors and omissions coverage? The Hartford offers that too. Look for the FailSafe Technology Errors and Omission policy.
Read full review
  • Business owner's policies.
  • General liability insurance.
  • Professional liability insurance.
  • Workers’ compensation insurance.
  • Commercial property insurance.
  • Business income insurance.
  • Data breach insurance.
  • Commercial umbrella insurance.
  • Commercial auto insurance.
  • Employment practices liability insurance.
  • Liquor liability insurance.
The Hartford allows you to tack data breach insurance onto a business owner’s policy or general liability insurance policy. Its cyber coverage can help cover the costs of notifying your customers of the hack, investigating what happened and defending your business in court, if necessary. Do you need technology errors and omissions coverage? The Hartford offers that too. Look for the FailSafe Technology Errors and Omission policy.
Read full review
  • Business owner's policies.
  • General liability insurance.
  • Professional liability insurance.
  • Workers’ compensation insurance.
  • Commercial property insurance.
  • Business income insurance.
  • Data breach insurance.
  • Commercial umbrella insurance.
  • Commercial auto insurance.
  • Employment practices liability insurance.
  • Liquor liability insurance.
The Hartford allows you to tack data breach insurance onto a business owner’s policy or general liability insurance policy. Its cyber coverage can help cover the costs of notifying your customers of the hack, investigating what happened and defending your business in court, if necessary. Do you need technology errors and omissions coverage? The Hartford offers that too. Look for the FailSafe Technology Errors and Omission policy.

Travelers

Best for Extensive coverage options

Travelers

Travelers

Best for Extensive coverage options

4.5

 
Read expert review

Pros

  • Offers many types of commercial insurance, including specialized coverage like key person insurance and surety bonds.
  • You can access your certificate of insurance and track your claims through an online portal.
  • Fewer complaints than expected about liability coverage and property coverage.

Cons

  • You can’t get a quote or purchase a policy online.
Compare my rates
Travelers offers a wide range of cyber insurance coverages, including cyber liability insurance tailored to a variety of fields and technology errors and omissions insurance. Smaller businesses may want to consider the company’s CyberFirst Essentials package, which covers data breach investigations, notifications to customers and legal defense and settlement costs. You’ll have to work with an agent to get a quote. 
Read full review
  • General liability insurance.
  • BOP.
  • Business income and extra expense coverage.
  • Commercial property insurance.
  • Professional liability insurance.
  • Commercial auto insurance.
  • Workers’ comp.
  • Cyber insurance.
  • Management liability insurance.
  • Employment practices liability insurance.
  • Umbrella insurance.
  • Equipment breakdown insurance.
  • Specialized coverage for industries like agriculture and energy.
Travelers offers a wide range of cyber insurance coverages, including cyber liability insurance tailored to a variety of fields and technology errors and omissions insurance. Smaller businesses may want to consider the company’s CyberFirst Essentials package, which covers data breach investigations, notifications to customers and legal defense and settlement costs. You’ll have to work with an agent to get a quote. 
Read full review
  • General liability insurance.
  • BOP.
  • Business income and extra expense coverage.
  • Commercial property insurance.
  • Professional liability insurance.
  • Commercial auto insurance.
  • Workers’ comp.
  • Cyber insurance.
  • Management liability insurance.
  • Employment practices liability insurance.
  • Umbrella insurance.
  • Equipment breakdown insurance.
  • Specialized coverage for industries like agriculture and energy.
Travelers offers a wide range of cyber insurance coverages, including cyber liability insurance tailored to a variety of fields and technology errors and omissions insurance. Smaller businesses may want to consider the company’s CyberFirst Essentials package, which covers data breach investigations, notifications to customers and legal defense and settlement costs. You’ll have to work with an agent to get a quote. 

What is cyber insurance?

Cyber insurance protects your business from the fallout after someone steals your customers’ data. This is a relatively new kind of business insurance, so it isn’t as standardized as some other policy types.
Cyber insurance can come in several forms. These include:
  • Data breach insurance. This coverage focuses on the unauthorized access or exposure of private data directly from your company. That could include your business’s financial data, customer credit card numbers or employee data, like Social Security numbers. It’s often available as an endorsement on a BOP.
  • Cyber liability insurance. This protects your business if a third party sues you for damages as a result of a cybersecurity incident. It can pay for attorney and court fees, settlements and judgements and regulatory fines. You may be able to add this onto a general liability insurance policy or buy it separately. 
  • Technology errors and omissions. This specialized E&O insurance policy kicks in if one of your customers suffers a cybersecurity incident because of an error on your part. You should buy this coverage if your business manufactures a technology product or provides technology services. Most other businesses don’t need it, though.

What does cyber insurance cover?

Cyber insurance can pay out to cover ransom payments, investigation of a cyberattack, lost revenue while your business recovers, providing credit monitoring services for customers and more.
Data breach insurance is most commonly available as an add-on to a BOP. It can generally cover:
  • Notification. Many states have requirements for how quickly businesses must notify affected customers. Data breach insurance can help pay for some or all of the cost of properly telling customers about the breach and explaining what information was stolen. Many policies also cover the costs of providing affected customers with anti-fraud services, like identity theft monitoring. This can also include public relations costs.
  • Investigation. Data breach insurance can pay a third-party company to investigate the breach, determine how it happened and advise on how to prevent future incidents. 
  • Income loss. Some insurers offer additional policy coverage to replace lost income if you have to temporarily close your business after a data breach. 
  • Extortion threats. Some insurance policies will pay out to cover a ransom if it’s necessary to recoup your data. According to Verizon’s 2025 Data Breach Investigations Report, 88% of small-business data breaches involved ransomware. The median amount businesses paid in ransoms was $115,000.
Cyber insurance usually includes the data breach coverages above. It also usually contains “cyber liability insurance," which covers the costs below, These are similar to the expenses covered by general liability insurance. But general liability policies usually exclude coverage for data-breach-related liability claims.
Cyber liability insurance covers:
  • Attorney and court fees. Cyber insurance can cover the cost of defending your business in court or arriving at a settlement. 
  • Settlements and court judgments. If a court finds your business liable, your cyber liability policy can help cover the cost of your settlement or punitive judgement. 
  • Regulatory defense. This might include the cost of hiring attorneys to work with regulators, then paying the fines and penalties they order up to the policy limit.

What does cybersecurity insurance exclude?

Cybersecurity insurance does not pay for:
  • Property damage. Cybersecurity insurance generally doesn’t pay for any property damage stemming from a data breach or cyberattack, like hardware that was fried during the incident. These sorts of claims are usually covered by commercial property insurance.
  • Intellectual property. IP theft and any lost income associated with it are usually excluded from cybersecurity insurance coverage. 
  • Crimes or self-inflicted cyber incidents. If an employee steals data from your business’s servers or makes it possible for someone else to do so, cyber insurance probably won’t cover you. Commercial crime insurance covers theft by employees.
  • Costs for preventive measures before an attack happens. Steps to help you avoid a future cyberattack, like training employees on cybersecurity and setting up a virtual private network, aren’t covered by insurance. They might help reduce your premiums, though.

What is tech E&O insurance?

Tech E&O insurance is relevant if you design or manufacture technology-related products, including software, or perform technology services for clients. Your business needs it if, for example, you develop software or perform IT services.
Other companies generally need straightforward cyber insurance policies or E&O policies, not tech E&O policies.

Which businesses need cybersecurity insurance?

Cyber threats don’t apply only to large companies — the FTC says they’re a problem for companies of all sizes. But cyber insurance is especially important if:
  • Your business stores customer data. If your business keeps records of phone numbers, credit card numbers or Social Security numbers — either in the cloud or on a local network — you are at risk of a cyberattack. You should consider data breach insurance.
  • Businesses with lots of customers. Notifying customers of data breaches is often required by state law, and first-party policies can cover this cost, which can be significant for companies with large customer bases.
  • Businesses with high revenue or valuable digital assets. The costs associated with cyber incidents can be difficult to predict, and larger companies are likely to have more valuable data, which could come with a more expensive ransom. 
If you aren’t sure about whether you need cyber insurance, talk to a local business insurance agent. They can help you assess your risk level and understand how much coverage might cost.

How much does cyber insurance cost?

Coverdash, an online insurance broker, shared insurance cost data with NerdWallet in 2026. The median cyber insurance premium was:
  • E-commerce merchants: $1,500 per year.
  • Software publishers and small developers: $1,800 per year.
  • Pre-seed startups: $2,000 per year.
For comparison: The median cost of a cyberattack in 2023 was a little more than $16,000, according to a survey from global insurer Hiscox. (The survey included data from eight countries, not just the U.S.). And 53% of firms were on the receiving end of cyberattacks.
If your company faced a breach of that size, buying insurance could actually save you money — you’d pay far less in premiums than to recover from the attack.
Adding data breach insurance onto another policy is generally the cheapest way to get coverage. For instance, The Hartford says its average customer pays $320 for coverage. However, if you need liability coverage, you should consider a dedicated cyber insurance policy — even if it costs more.

How much cyber insurance coverage do you need?

Most small businesses carry around $1 million in per-occurrence and aggregate limits. That means your policy will cover up to $1 million for any single incident and a total of $1 million over the life of your policy, which is usually one year.
To figure out how high your limits need to be, think about how many records you store. According to IBM’s 2025 Cost of a Data Breach report, the cost of recovering from cyberattacks depends on what kind of data is stolen:
  • Personally identifying information (PII) about employees: $168 per record.
  • PII about customers: $160 per record.
  • Anonymized customer data: $115 per record.
Industries with more PII on file tend to face costlier data breaches. According to the IBM report, healthcare and the financial sector paid the most on average to recover from data breaches. Retail and communications were near the bottom of the list.
Put all this information together as you decide how much coverage you need. An insurance agent can help you understand your risks and get specialized coverages if you need them.

Methodology

Business insurance ratings methodology

NerdWallet rewards business insurance companies for reliability and good service. We calculate star ratings based on scores in about a dozen categories. These include:
  • Each company's financial strength.
  • How many complaints customers made relative to its market share.
  • How easy it is to get coverage.
  • How accessible customer service is.
Learn more about how we rate small-business insurance companies.
Our editorial team routinely fact-checks and updates these data points. We also adjust our scoring on an ongoing basis. This helps our star ratings reflect changing industry norms. For instance, in 2026, we began evaluating how easy insurers make it to add an additional insured.
Our ratings are a guide. But insurance policy details and prices can vary widely. We encourage you to shop around and compare several insurance quotes.NerdWallet does not receive compensation for any reviews. Read our editorial guidelines.

Insurer complaints methodology

One key factor in our star ratings is how many complaints insurance companies get. Here's how we arrive at that score.
Disappointed customers can file a complaint with their state's insurance department. The National Association of Insurance Commissioners (NAIC) collects, analyzes and groups complaints by business line and insurance company every year. A business line is a specific type of coverage, like workers’ comp.
Then, the NAIC calculates a complaint ratio for each company. It divides the company's share of complaints by its share of total premiums for each line of business. It then adds these ratio values to their official complaint index.
  • A complaint ratio of 1 means a company received about the expected number of complaints relative to its size. 
  • A ratio of 2 means it received twice as many complaints as expected. 
  • A ratio of 0 means it received half as many complaints as expected.
NerdWallet obtains the raw NAIC data every year. We aggregate results at the company level and fact-check these results. Then we calculate a three-year average of each insurer's complaint ratio and convert it to a score for our star ratings.
Business insurance star ratings consider complaints about two lines of business: commercial liability and commercial property. We analyze complaint data on commercial auto and workers' comp policies too. But we don't currently incorporate these into our ratings since they're less universal.