Cyber insurance is a special insurance policy that covers your business’ losses and liability for intrusions into your business’s computers, computer networks, software, payment processing, and other information technology (cyber events). Cyber events that may be covered by cyber insurance include data breaches, malware, ransomware, viruses, spyware, wire transfer fraud, phishing, denial-of-service (DoS) attacks, Trojans, adware, botnets, man-in-the-middle attacks, credit card web skimming, and others.

In addition to breaching a business’s own valuable information and processes, a data breach may target a business’s sensitive customer information, such as credit card numbers, account numbers, telephone numbers, mailing addresses, passwords, driver’s license numbers, Social Security numbers, health records, and other personally identifiable information (PII).

In Minnesota, cyber insurance is designed to mitigate the risks associated with electronic business operations by providing coverage for various types of cyber events. This includes data breaches, malware, ransomware, and other forms of cyberattacks that can compromise a business's data or disrupt its operations. Cyber insurance policies in Minnesota may cover the costs associated with the response to and recovery from such incidents, including legal fees, notification expenses, credit monitoring services for affected individuals, and regulatory fines. Additionally, these policies can provide liability coverage for the loss of third-party data, such as customer PII. While Minnesota does not have specific statutes mandating cyber insurance, businesses are encouraged to assess their cyber risk exposure and consider cyber insurance as part of their overall risk management strategy. It's important for businesses to work with an attorney and an insurance broker to understand the scope of coverage, exclusions, and to ensure compliance with applicable state and federal laws regarding data protection and breach notification.