Cyber Insurance Acronyms/Terms

Betterment Coverage

Part of a cyber liability insurance policy that covers the cost of improving the client’s computer systems, such as adding stronger firewalls or encryption, when experts recommend these changes to prevent future breaches.

BCP – Business Continuity Plan

A BCP outlines how a business will keep operating during and after a disruption—like a ransomware attack or system outage. Cyber insurers increasingly require proof of a BCP before offering business interruption coverage. Strong continuity planning signals lower operational risk, which can reduce premiums or broaden policy terms.

BI – Business Interruption

Picture your business screeching to a halt because a cyberattack knocks out your network—no sales, no services, just lost revenue. Business interruption coverage, a staple of cyber insurance (14,800 searches in Apr 2025), acts like a financial lifeline, compensating for the income and profits you lose during downtime. Whether it’s ransomware or a server crash in Nov 2024 (14,800 searches for cyber insurance), this helps cover what you’re not earning, so you can keep going until you’re back online.

BOP – Business Owner’s Policy

A BOP bundles basic insurance for small businesses (like general liability and property coverage). Some carriers allow cyber coverage to be added to a BOP, but the included protection is often minimal compared to a dedicated cyber policy. It’s a common entry point for small businesses seeking cyber protection for the first time.

Bricking Coverage

Ever hear of a cyberattack turning your computers into useless bricks? That’s what “bricking” means—when a hack physically damages hardware like servers, making them kaput. Bricking coverage, often part of cyber attack insurance (720 searches in May 2025), covers replacing or repairing that wrecked equipment. If malware fries your servers in Feb 2025, this cyber insurance feature (12,100 searches that month) ensures you’re not stuck buying new hardware out of pocket, keeping your tech running.

CGL – Commercial General Liability

CGL is a foundational insurance policy for most businesses, but it typically excludes cyber-related incidents. Many organizations don’t realize this until after an incident occurs. A separate cyber insurance policy is needed to cover data breaches, ransomware, and digital extortion.

CISO – Chief Information Security Officer

This executive is responsible for a company’s cybersecurity posture. Insurers will often assess whether a company has a dedicated CISO (or CISO-level oversight) when evaluating risk and pricing coverage. A well-resourced security team can positively influence underwriting.

CNA – Cyber Network Attack

This term is sometimes used in policy language to define hostile digital events such as malware, unauthorized access, or disruption of service. Some policies require the attack to be classified as a CNA to trigger coverage, especially for nation-state events.

Captive Insurance

A captive is an insurance company formed by a business or group to insure their own risks—including cyber. Companies use captives to access reinsurance markets, retain underwriting profits, and tailor cyber insurance terms to their actual risk profile. As cyber risk grows, captives increasingly fund cyber losses that traditional insurers won’t fully cover.

Cat Bond – Catastrophe Bond

Cyber catastrophe bonds (“cat bonds”) are insurance-linked securities (ILS) that pay investors high yields but lose value if a predefined cyber event occurs—like a major systemic breach. They help insurers or reinsurers transfer extreme tail-risk to capital markets. Interest in cyber cat bonds is rising as traditional reinsurers struggle to price aggregating digital risks.

CPC – Cost Per Click

In the digital advertising world—including for cyber insurance content marketing—CPC tracks how much an advertiser pays each time someone clicks on their ad. High CPC values often indicate valuable, competitive search terms (e.g., “cyber insurance small business” with CPC over $17), reflecting strong intent to purchase.

CPL – Cyber Protection Liability

A broad term used to describe insurance policies that protect businesses against losses from cyber incidents. This can include data breach costs, network security failures, privacy violations, and regulatory fines. It’s often used interchangeably with “cyber liability insurance.”

Cyber ILS – Cyber Insurance-Linked Securities

Cyber ILS refers to securitized financial products that allow investors to assume cyber insurance risk—typically structured like catastrophe bonds or sidecars. This emerging market is enabling alternative capital to enter the cyber re/insurance space, diversifying sources of protection for primary insurers.

Cyber Reinsurance

This is insurance for insurers—specifically, coverage that helps insurers manage their portfolio-level exposure to cyber claims. As ransomware and systemic risk rise, reinsurers play a critical role in stabilizing the cyber insurance market. Common reinsurance structures include quota share, excess of loss, and aggregate stop-loss agreements.

D&O – Directors and Officers Insurance

D&O insurance protects leadership from personal liability in lawsuits related to their management decisions. Following a major cyber incident, shareholders may allege that executives failed to protect the company adequately—especially if no cyber policy was in place. D&O and cyber coverage are often paired for comprehensive protection.

E&O – Errors and Omissions Insurance

This policy protects professionals and businesses from claims of inadequate work or negligent services. In tech and cybersecurity fields, E&O is often bundled with cyber coverage because a service failure (like poor coding or a missed patch) can lead to a breach.

GDPR – General Data Protection Regulation

The EU’s flagship data protection law imposes strict rules—and heavy fines—on organizations that mishandle personal data. Cyber insurance policies covering GDPR events help pay for legal defense, regulatory penalties (where insurable), and notification costs after breaches.

ICS – Industrial Control Systems

These systems operate critical infrastructure like utilities and manufacturing plants. They’re especially vulnerable to cyberattacks due to legacy software and network exposure. Cyber insurers treat ICS-heavy clients as higher risk and may impose specific controls or exclusions.

ILS – Insurance-Linked Securities

ILS are financial instruments—like cat bonds or collateralized reinsurance—that transfer insurance risk to the capital markets. In the context of cyber insurance, ILS may be used to spread tail risks from systemic events, such as widespread cloud outages or major ransomware outbreaks.

IoT – Internet of Things

Connected devices—from smart locks to factory sensors—expand the attack surface for cyber threats. IoT risks complicate underwriting because these devices often lack strong security controls. Coverage for IoT-related incidents may be included or excluded depending on the policy.

IRP – Incident Response Plan

An IRP details how a company responds to a cyber event, including roles, steps, and communications. Many insurers require policyholders to maintain a formal IRP. A well-documented plan can reduce the severity of an event and speed up claims resolution.

Investment Grade (ILS)

For a cyber cat bond or ILS structure to attract broad capital markets participation, it often needs to be rated as investment grade. That rating reflects low expected loss frequency and severity. Investors and regulators scrutinize cyber ILS models closely because correlated cyber risk events are difficult to model.

Loss Ratio

This is a core metric for assessing the performance of cyber insurance portfolios. It’s the ratio of claims paid to premiums earned. A high loss ratio (e.g., 80%+) signals that an insurer is paying out a lot of claims relative to what it earns—often unsustainable unless prices rise or underwriting improves.

MFA – Multi-Factor Authentication

MFA requires users to verify their identity through more than one method (e.g., password + text code). It’s now a standard requirement for cyber insurance eligibility. Insurers may deny or limit coverage if MFA isn’t implemented across key systems like email and remote access.

MSP – Managed Service Provider

MSPs deliver IT and cybersecurity services to other businesses. Because a breach in one MSP can cascade to many clients, insurers scrutinize these firms closely. Many policies include specific conditions or sublimits for MSP-related risks.

NIST – National Institute of Standards and Technology

NIST publishes widely adopted cybersecurity frameworks used to evaluate an organization’s maturity. Insurers often benchmark applicants against NIST standards to assess risk. Companies aligned with NIST may benefit from better terms or lower premiums.

PCI DSS – Payment Card Industry Data Security Standard

Businesses that handle credit card data must comply with PCI DSS. Non-compliance can lead to penalties, and a breach can trigger additional fines and reputational fallout. Cyber policies may include specific language addressing PCI DSS incidents and liabilities.

PHI – Protected Health Information

PHI includes medical records and health-related personal data. It’s regulated under laws like HIPAA in the U.S., and its exposure can drive high-cost cyber claims. Insurers often offer tailored cyber coverage for healthcare entities managing PHI.

PII – Personally Identifiable Information

This includes names, Social Security numbers, and other data that can identify individuals. Most cyber policies are built to respond to the theft or compromise of PII, including breach notification, credit monitoring, and legal expenses.

RDP – Remote Desktop Protocol

RDP allows users to access computers remotely—but is a frequent entry point for attackers if not properly secured. Insurers commonly inquire about RDP usage during underwriting and may require it to be disabled or heavily restricted.

ROI – Return on Investment (Cybersecurity)

ROI in cybersecurity is a hot topic for businesses deciding how much to spend on risk mitigation versus cyber insurance. Tools like MFA, SIEM, and endpoint detection have upfront costs but deliver strong ROI if they prevent incidents and, potentially, lower insurance premiums. Cyber-focused VC and private equity firms also monitor ROI on their investments in cyber technology companies.

SIEM – Security Information and Event Management

SIEM software helps detect and manage security threats in real time. Having a SIEM in place can improve an organization’s cyber defense posture and serve as evidence of “reasonable” security when applying for insurance or responding to claims.

SOC – Security Operations Center

A SOC monitors and responds to cyber threats across an organization. Having an internal or third-party SOC in place is viewed favorably by insurers and may reduce premiums or improve coverage options.

SOC 2 – Service Organization Control 2

SOC 2 is a cybersecurity and privacy compliance standard, especially important for SaaS and tech vendors. Certification shows insurers that a company follows rigorous controls, which can reduce risk perception and aid in faster underwriting.

Subrogation/Subrogee

In the cyber insurance industry, subrogation is the process by which an insurer, after paying a claim for a loss caused by a third party, assumes the insured’s legal rights to pursue recovery of the paid amount from the responsible party. For example, if a cyberattack causes a loss and the insurer pays the claim, the insurer may seek reimbursement from the attacker or another liable party. The subrogee is the insurance company that takes on the insured’s rights to recover damages after paying a claim. In cyber insurance, the subrogee (the insurer) may pursue legal action or recovery against a third party, such as a hacker or a negligent vendor, responsible for the cyber incident.
