Cyber insurance is a special insurance policy that covers your business’ losses and liability for intrusions into your business’s computers, computer networks, software, payment processing, and other information technology (cyber events). Cyber events that may be covered by cyber insurance include data breaches, malware, ransomware, viruses, spyware, wire transfer fraud, phishing, denial-of-service (DoS) attacks, Trojans, adware, botnets, man-in-the-middle attacks, credit card web skimming, and others.

In addition to breaching a business’s own valuable information and processes, a data breach may target a business’s sensitive customer information, such as credit card numbers, account numbers, telephone numbers, mailing addresses, passwords, driver’s license numbers, Social Security numbers, health records, and other personally identifiable information (PII).

In Idaho, as in many states, businesses can purchase cyber insurance to protect against losses and liabilities resulting from cyber events. Cyber insurance policies typically cover a range of incidents, including data breaches, malware, ransomware, and other forms of cyberattacks that compromise a business's information technology systems. These policies can also provide coverage for the costs associated with a breach of sensitive customer information, such as PII. The specific coverage details and requirements for cyber insurance policies can vary by insurer and policy type. It is important for businesses to carefully review the terms of their cyber insurance policies to understand what is covered, any exclusions, and the extent of protection provided. While there is no specific state statute in Idaho that mandates businesses to carry cyber insurance, companies may choose to obtain it as a risk management strategy, especially if they handle sensitive customer data. An attorney specializing in cyber law or insurance law can provide more detailed advice tailored to a business's specific needs and risks.