Aon  |  Professional Services Practice
Cyber Risk

In evaluating Cyber Risk insurance, it is important to understand the risks and exposures an insurance policy may or may not address. While there are numerous standard products available in the marketplace, coordinating Cyber Risk and Professional Liability coverage is a critical challenge for professional service firms (such as law firms, accounting firms, consulting firms and design & construction firms).



Featured Solution

Aon’s ‘Ransomware Protect’ and ‘Ransomware Readiness’ Offerings for Professional Service Firms

June 2021 - The ransomware epidemic is growing exponentially and is assuming geopolitical importance. The research company Cybersecurity Ventures predicts the global cost of cybercrime will reach $6 trillion in 2021.

Click here to learn more

Insight Archive Subscribe to our insights >>

We believe that one size does not fit all. Since the terms and conditions of each Cyber Risk insurance product vary greatly, we examine and modify each offering to present a recommended solution that is tailored to our clients' unique needs.

Many professional service firms consider expenses related to a privacy or security data breach, such as statutory notification costs, to be of paramount concern.

  • More and more client contracts are specifically requiring insurance coverage for these types of costs be evidenced
  • Data breach disclosure laws have been enacted or introduced in a majority of states, as well as in the European Union, and continue to evolve

Cyber Risk insurance policies provide direct access to data breach consultants and panels of experts to assist firms that suffer data breach events. The insurance also addresses expenses for forensic investigation and public relations, as well as notification costs, credit monitoring, and consumer education and assistance costs arising out of a data breach. Some policies also cover the cost of retaining outside counsel to evaluate the firm's potential obligations for a breach.

Cyber Risk insurance can be designed to cover certain additional exposures:

  • Privacy and Security Liability
  • Business Interruption and Extra Expenses
  • Contingent Business Interruption
  • Cyber Extortion
  • Data Corruption
  • Media Liability

Strategic Approach


Our process for discussing Cyber Risk insurance is educational and consultative:

Phase 1

  • A "gap analysis" is performed - to determine where any possible coverage exists under existing insurance policies
  • Results are presented in a clear and concise format, with open dialogue
  • Based on the findings, we provide specific recommendations on how to address identified coverage gaps

Phase 2

  • We provide an application for Cyber Risk insurance and assist with any questions
  • We negotiate coverage options specific to our clients' individual needs
  • A detailed comparison of the terms and conditions of each offering is presented
  • We place a Cyber Risk insurance solution as directed by the client