Cyber insurance is a special insurance policy that covers your business’ losses and liability for intrusions into your business’s computers, computer networks, software, payment processing, and other information technology (cyber events). Cyber events that may be covered by cyber insurance include data breaches, malware, ransomware, viruses, spyware, wire transfer fraud, phishing, denial-of-service (DoS) attacks, Trojans, adware, botnets, man-in-the-middle attacks, credit card web skimming, and others.

In addition to breaching a business’s own valuable information and processes, a data breach may target a business’s sensitive customer information, such as credit card numbers, account numbers, telephone numbers, mailing addresses, passwords, driver’s license numbers, Social Security numbers, health records, and other personally identifiable information (PII).

In California, cyber insurance policies are designed to mitigate the risks associated with electronic business operations by covering the financial losses that can result from various cyber events. These policies typically address costs related to data breaches, malware, ransomware, and other cyber threats that compromise a business's or its customers' sensitive information, including PII such as credit card details and Social Security numbers. The coverage can extend to expenses like notification costs, credit monitoring services, legal fees, and regulatory fines. California has enacted privacy laws, such as the California Consumer Privacy Act (CCPA), which impose specific obligations on businesses regarding consumer data protection. Non-compliance with such regulations can lead to significant penalties, making cyber insurance an important consideration for businesses to protect against potential liabilities. It's important for businesses to work with an attorney to understand the scope of coverage offered by cyber insurance policies and ensure compliance with state and federal regulations.