Cyber insurance is a special insurance policy that covers your business’ losses and liability for intrusions into your business’s computers, computer networks, software, payment processing, and other information technology (cyber events). Cyber events that may be covered by cyber insurance include data breaches, malware, ransomware, viruses, spyware, wire transfer fraud, phishing, denial-of-service (DoS) attacks, Trojans, adware, botnets, man-in-the-middle attacks, credit card web skimming, and others.

In addition to breaching a business’s own valuable information and processes, a data breach may target a business’s sensitive customer information, such as credit card numbers, account numbers, telephone numbers, mailing addresses, passwords, driver’s license numbers, Social Security numbers, health records, and other personally identifiable information (PII).

In Connecticut, cyber insurance policies are designed to mitigate the risks associated with electronic business operations. These policies typically cover financial losses due to cyber events such as data breaches, malware, ransomware, and other cyber threats that can compromise a business's or its customers' sensitive information. Connecticut does not have specific statutes governing cyber insurance; however, businesses must comply with the Connecticut General Statutes Section 36a-701b, which requires them to safeguard the personal information of residents and promptly notify them in case of a data breach. Additionally, the Connecticut Insurance Department oversees the insurance market and ensures that insurance products, including cyber insurance, meet state regulatory standards. Businesses seeking cyber insurance in Connecticut should consult with an attorney to understand the coverage options available and how they align with state regulations and federal laws, such as the Health Insurance Portability and Accountability Act (HIPAA) for health records, to ensure adequate protection against cyber threats.