Cyber

Commercial Cyber

From a lost device to a deliberate cyber-attack, iTOO Cyber Insurance provides your business with access to expert knowledge and resources in managing a cyber incident.

  • Covers the resultant costs and damages from a privacy or network security breach
  • Comprehensive first and third-party coverages with expert incident response 
  • Can be specifically tailored to your business requirements
Commercial Cyber

Why get your commercial cyber insurance from iTOO?

Designed to cover the resultant costs and damages from a privacy breach or a network security breach, a cyber insurance policy covers what has previously been uninsurable providing comprehensive first and third-party coverages with an expert incident response process.

Far broader than the name cyber would imply, our policy extends to cover numerous incidents including but not limited to:

  • Hacking.
  • Cyber extortion and malware (viruses, ransomware, or publishing of stolen data).
  • Denial of service (disruption to operations).
  • Downstream attack (a compromise of your environment resulting in damages to others).
  • Insider and privilege misuse (unauthorised access and use of systems and data by employees and service providers).
  • Physical theft and loss (both devices and physical hard copy data).
  • Threats posed by third party access into a client environment.

Our comprehensive offer

What's included?

Our comprehensive cyber insurance policy can be specifically tailored to your requirements.

First party cover

  • Covers regulatory fines, business interruption and data restoration
  • Cover for exposure to named outsourced service providers 
  • Payment card industry fines and penalties, phone phreaking and physical damage
  • Theft of Funds – unrecoverable loss of money because of system security incident by a third party
  • Physical damage costs to replace or repair direct physical damage of property due to a security incident

Third party cover

  • Privacy liability and defence and settlement claims from compromised information
  • Network security liability, media liability and defamation

Incident response costs

  • Costs to respond to a system’s security incident

1BN emails were exposed in 2023

Clever insurance for clever people

Comprehensively protect your business against any cyber threat.

How to get cover

Ask your insurance broker to contact us for a quote for your commercial cyber cover. Don’t have a broker and want us to recommend possible FAIS registered brokers trained in our products? Find a broker or contact one of our experts.

These are all the things you’ll need to complete a Commercial Cyber proposal form:

  • Must be completed electronically and in full
  • Technical questions answered by your IT service provider
  • Full disclosure of number of records stored

Forms and documents

Commercial Cyber experts

Our team of passionate, dynamic, and talented individuals.

How to claim

Speed, efficiency and experience is critical to reducing the exposure, costs and reputational damage. With iTOO’s Cyber Insurance Policy you are assured of access to highly acclaimed expert resources including experienced cyber mitigation and incident response specialists with a local presence and proven capabilities.

Frequently asked questions

Why would my company be a target?

Attacks such as ransomware are indiscriminate and can affect any company and every industry. Smaller companies are often a target for hackers particularly if they are found to have less sophisticated IT infrastructure. Smaller companies can be severely impacted following a breach as they are required to absorb the high incident response costs. Compromises at larger companies tend to yield larger data sets for theft and break into the news, which can boost a hackers’ reputation.

Can I protect my business without purchasing cyber insurance cover?

There are many ways to mitigate the risk of cyber threats such as staff education, encryption, bring-your-own-device policies and password policies, however, even the most diligent businesses can be exposed to a cyber-attack.

We use state of the art protection; do we still need cyber insurance?

Having the latest technology, firewalls and encryption will reduce the risks of a breach occurring however, many cyber threats originate internally from employee mistakes (misplacing a laptop, or not disposing of confidential information securely). Having state of the art protection is not a 100% guarantee against an incident occurring.

What if we use a cloud provider to store client data?

You are the custodian of the data and remain responsible for any data lost in a breach. Look to use a cloud service provider that can provide reasonable assurance that your data will be protected, however, there is still a chance your business could be held liable for data compromised from the cloud environment (the same would apply for other outsourced providers you make use of and share data with).

Does any other liability policy provide cyber cover?

A cyber insurance policy provides the most comprehensive cover for system and data related risks. 

  • A Professional Indemnity policy provides limited cover for third party data loss but only as it relates to the provision of professional services.
  • A General Liability policy, as data is deemed intangible provides no cover.
  • A Business Interruption policy requires physical damage to trigger the policy and incidents such as ransomware or hacking a server may reflect no physical damage.
  • A Commercial Crime policy provides cover for first party financial loss only.
  • A Directors & Officers policy will likely be triggered after a cyber breach but will not cover the business interruption, incident response or liability damages suffered by the company.

How do I apply for cover?

A fully completed proposal form would be required in order to provide you with a quote.

  • For qualifying companies with a revenue below R250m see our iTOO-GO proposal form with simplified underwriting. Please note that this offering is not available to the following industries:  financial institution; call centre/telemarketer; payment card aggregator/processor; data processor/outsourcer; healthcare centre/provider (turnover > R25 million); internet service/hosting/cloud storage provider; payroll processor; technology service provider (turnover > R25 million); telecommunications provider.
  • For companies with a turnover above R250m or companies that do not meet the iTOO Go qualifying criteria, please complete the CYlution proposal form.
  • Companies we would not consider are as follows: payment card aggregators, universities, adult media, online gaming or gambling.
Ryan van de Coolwijk
Lwando Cwane
Musawenkosi Khumalo

Still have questions?

Can’t find the answer you’re looking for? Chat to our team.

iTOO Insights