Business insurance

Cyber Insurance in India

A comprehensive, India-first guide for businesses that want to shield leadership, secure assets, and plug financial vulnerabilities before they derail growth. Bookmark this before your next board review.

Get a Quote
Book a Risk Evaluation Session
10,000
Claims processed
6,000
Companies covered
1,000
Businesses protected

Introduction to Cyber Insurance

Every business today uses technology—whether it is email, payment gateways, cloud storage, HR software, CRM tools, or customer data systems. While this makes operations faster and more efficient, it also exposes businesses to cyber risks: hacking, ransomware attacks, data theft, phishing, and financial fraud.

Cyber Insurance—also called Cyber Liability Insurance—is designed to protect businesses from financial losses and legal liabilities that arise due to cyberattacks or data breaches. It covers the cost of recovering data, restoring systems, informing affected customers, paying legal fees, and in some cases, negotiating with attackers.

Table of contents

Why do businesses need Cyber Insurance now?

India has seen a massive rise in digital adoption—UPI transactions, cloud-based tools, remote work systems, and online business models. This has also resulted in a sharp increase in cybercrime.

  • According to CERT-In (Indian Computer Emergency Response Team), over 1.3 million cyber incidents were reported in 2022.
  • A report by IBM stated that the average cost of a data breach in India in 2023 was ₹17.9 crore—the highest ever recorded for the country.
  • The Digital Personal Data Protection (DPDP) Act, 2023 now requires businesses to protect personal data and report breaches—or face penalties.

Even with firewalls and antivirus software, no system is 100% secure. A single phishing email, weak password or malware download can shut down operations or leak sensitive data.

What risks does Cyber Insurance protect against?

Cyber Insurance typically helps businesses manage the financial damage from situations such as:

  • A ransomware attack locking systems until payment is made
  • Customer data like financial information, Aadhaar, or medical records being leaked
  • A phishing scam leading to stolen company funds
  • A cyberattack stopping business operations for days or weeks
  • Clients suing the company for not protecting their personal data

Who should consider buying Cyber Insurance?

This insurance is relevant for any business that:

  • Stores customer, employee or vendor data
  • Uses cloud platforms, online payments, or digital customer portals
  • Provides IT services, financial services, SaaS products or e-commerce solutions
  • Handles sensitive data like health records, financial transactions or identity documents
  • Works remotely or has a distributed workforce using laptops and Wi-Fi connections

This includes startups, SMEs, IT firms, fintech companies, hospitals, BPOs, digital agencies, schools, retail chains and even traditional companies using digital tools.

In simple terms

Cyber Insurance is a safety net for the digital side of your business. If a cyberattack or data breach happens, it helps cover the cost of fixing the damage, paying legal penalties, and getting your business back to normal.

Why Is Cyber Insurance Important?

Technology is now at the heart of how most businesses operate—whether it's online payments, customer data, remote teams, HR systems or cloud apps. But increased digital dependence also means increased exposure to cyber threats. A single phishing email, ransomware attack or data leak can lead to financial loss, business disruption and legal penalties.

This is where cyber insurance becomes essential. It acts as a financial and legal safety net when a cyberattack or data breach impacts your business.

1. Cyberattacks are Increasing in India

India is now one of the most targeted countries for cybercrime.

  • According to CERT-In, over 1.3 million cyber incidents were reported in 2022.
  • A report by Checkpoint Research (2023) found that Indian organisations face up to 2,000 cyberattacks per week on average.
  • The IBM Cost of a Data Breach Report 2023 shows that the average cost of a data breach in India has reached ₹17.9 crore.

This rise in cybercrime is driven by online banking, UPI payments, cloud storage, remote work and AI-enabled cybercriminals.

2. Financial Losses Can Be Severe

Even a single ransomware attack or data leak can cause huge costs:

Type of Loss Example
Ransom Payment Attackers demand money (often in cryptocurrency) to restore access
IT Recovery Cost Hiring cybersecurity experts to fix systems, restore data
Business Interruption Sales stop if servers, websites or apps go down
Customer Compensation Users demand refunds or penalties for leaked data
Legal Penalties Under the DPDP Act, non-reporting can lead to fines

Most small businesses cannot survive such sudden expenses without insurance.

3. Compliance and Legal Liability

The Digital Personal Data Protection (DPDP) Act, 2023 makes it mandatory for organisations to protect personal data. If a company fails to safeguard or report a data breach, penalties can go up to ₹250 crore.

Cyber insurance helps businesses:

  • Pay for legal expenses
  • Notify affected customers
  • Manage regulatory penalties (where legally allowed)
  • Hire data protection specialists

4. Reputation and Trust Damage

When customer or client data is leaked, trust is broken. It affects:

  • Brand reputation
  • Investor confidence
  • Vendor and customer relationships

Cyber insurance policies often include public relations (PR) support and crisis communication services to manage reputation damage.

In summary

Cyber insurance is no longer optional—it is a core part of business risk management. It protects against financial losses, legal actions, customer claims and operational downtime caused by cyberattacks. A firewall may stop an attack—cyber insurance helps if one succeeds.

What Does Cyber Insurance Cover?

Cyber insurance provides financial and legal protection when a business experiences a cyberattack, data breach or digital fraud. Coverage can be divided into two main categories — first-party (losses your business directly suffers) and third-party (claims made by clients, customers, or regulators against your business).

A. First-Party Coverage — Losses to Your Own Business

This section protects the business itself after a cyber incident.

Coverage Type What It Covers Example
Data Breach Response Expenses Cost of informing affected customers, notifying authorities, hiring cybersecurity experts You have to send emails and hire IT experts after customer data leaks
Data Restoration & System Repair Recovering lost files, restoring networks, reinstalling software Servers are corrupted by malware, and IT teams need to rebuild systems
Cyber Extortion & Ransomware Ransom payments, negotiation cost, cybersecurity consultant fees Hackers encrypt data and demand Bitcoin to restore access
Business Interruption Loss Loss of income during system downtime, extra cost to resume operations Website or payment system goes offline for days
Forensic Investigation Hiring cybersecurity firms to identify the cause, attacker and damage extent Digital forensics team checks how attackers entered the system
Reputation & PR Management Cost of hiring public relations specialists to control brand damage Hospital hires a PR agency after patient data is leaked

Hospital hires a PR agency after patient data is leaked

B. Third-Party Liability — Claims Against Your Business

These are costs your business must pay when clients, customers or regulators take legal action.

Liability Type What It Covers Example
Privacy Liability Claims from customers or employees whose personal data was compromised Customers sue after their Aadhaar/PAN/financial data is leaked
Regulatory Penalties & Legal Defence Lawyer fees, court expenses, regulatory investigations under IT Act or DPDP Act Data Protection Board issues a penalty notice for failing to protect user data
Media & Advertising Liability Lawsuits due to online defamation, copyright infringement or misleading content A competitor files a case over copyrighted images used in ads
Network Security Liability Covers claims for spreading malware or viruses accidentally to third parties Your infected system spreads malware to vendor’s system
Client Contract Breach Claims If you manage or store customer data and fail to protect it SaaS provider fails to secure client data, violating contractual terms

C. Optional Add-On Covers (Based on Industry Needs)

Add-On Cover Suitable For
Social Engineering Fraud Covers phishing/impersonation-based fund transfers
Cyber Crime Insurance For banking frauds, UPI fraud, credit card misuse
PCI-DSS Liability Cover For businesses handling debit/credit card data
Intellectual Property (IP) Cover For tech firms facing IP theft or code leak disputes

In summary

Cyber insurance helps a business recover from an attack, manage legal and regulatory fallout, pay affected customers, restore systems, and rebuild trust. It does not just cover the attack — it covers everything that comes after.

What Is Not Covered by Cyber Insurance? (Exclusions)

Cyber insurance offers financial protection against cyberattacks and data breaches, but it does not cover every kind of loss related to cyber risks. Understanding what is not included helps businesses avoid claim disputes and decide if they need additional insurance policies or stronger internal controls.

Key Exclusions in a Cyber Insurance Policy

1. Employee Dishonesty or Internal Fraud

If an employee intentionally steals money, manipulates data, or commits financial fraud, it is not covered under cyber insurance.

  • This is covered under Employee Dishonesty Insurance / Fidelity Insurance.

2. Physical Theft of Devices

If laptops, hard drives or servers are physically stolen from your office, this is excluded unless the policy includes a specific add-on.

  • Physical theft is usually covered under Property Insurance or Burglary Insurance, not cyber insurance.

3. Poor Security Practices or Known Vulnerabilities

Claims may be denied if:

  • The organisation ignored known security flaws
  • Default passwords, outdated software or no firewalls were in use
  • Mandatory breach reporting timelines were missed

Cyber insurance requires businesses to follow basic IT hygiene and security protocols.

4. Intentional or Illegal Acts by the Company

If business owners or senior management knowingly participate in illegal activities, data misuse or fake claims, insurance does not apply.

5. Loss of Future Profits or Intellectual Property Value

Cyber insurance covers direct financial loss, but not:

  • Future loss of revenue or drop in share price
  • Loss of intellectual property value (e.g., source code stolen by hackers)
  • Loss of market reputation beyond PR costs

6. Contractual Penalties Beyond Legal Liability

If a company has signed a contract promising compensation beyond what the law requires, the excess amount is not covered unless agreed in the policy.

7. Cyberattacks by Nation-States or War-related Incidents

Attacks linked to terrorism, war, or nation-state cyber warfare are usually excluded unless a “Cyber Terrorism Extension” is purchased separately.

Quick Snapshot — Covered vs Not Covered

Covered by Cyber Insurance Not Covered
Ransomware attacks Employee theft or internal fraud
Data breaches Physical theft of laptops/servers
Legal fees, regulatory fines Fines due to non-compliance before policy
System restoration Future profit loss or brand devaluation
Forensic investigation IP theft without direct financial loss
Customer data leak claims Nation-state attacks, war, terrorism (unless add-on)

Why this matters

Knowing exclusions ensures businesses:

  • Do not rely on cyber insurance alone for risk protection
  • Buy additional covers like Crime Insurance, E&O, or Fidelity Insurance if required
  • Maintain cybersecurity hygiene to avoid claim rejection

Who Needs Cyber Insurance?

Any business that uses computers, internet, cloud services, digital payments or stores customer data is at risk of a cyberattack. Cyber insurance is not just for large technology companies—it is equally important for startups, SMEs, hospitals, financial institutions, e-commerce platforms, professional firms and even schools.

If your business relies on data, systems or digital customer trust, you need cyber insurance.

Industries and Businesses That Benefit the Most

1. Startups and SMEs

Most startups and small businesses now operate entirely online—using cloud storage, CRMs, HRMS tools, UPI payments and digital customer onboarding systems. They are also easier targets because they often lack dedicated cybersecurity teams.

  • SaaS platforms
  • EdTech companies
  • Digital marketing agencies
  • HR/payroll software providers
  • Law firms and consulting firms managing confidential data

2. Fintech, NBFCs and Payment Service Providers

These businesses handle sensitive financial data and are often regulated by RBI, SEBI or IT Act. A breach can trigger lawsuits, DPDP Act penalties and RBI audits.

  • UPI and payment gateway companies
  • Lending/startup fintechs
  • Mutual fund and insurance aggregators
  • NBFCs and digital banks

3. Healthcare and Hospitals

Hospitals and diagnostic labs store patient medical histories, prescriptions, scans and insurance data—all highly sensitive.

  • Hospitals and clinics
  • Telemedicine platforms
  • Health-tech apps
  • Diagnostic labs and pathology centres

A ransomware attack can shut down critical systems, affecting patient care and making data recovery expensive.

4. IT, BPO and Outsourcing Companies

Indian IT and BPO firms handle global client data. A cyber incident could affect not only the company but also its international clients.

  • Software development firms
  • Cloud solution providers
  • Data processing and analytics companies
  • Call centres and customer support outsourcing

Most overseas clients now require cyber insurance certificates before signing contracts.

5. Retail, E-commerce and Logistics

These sectors collect personal and financial details such as card information, addresses and contact numbers.

  • E-commerce websites and delivery apps
  • Grocery and food delivery platforms
  • Chain stores and supermarkets with POS billing software
  • Warehousing and supply chain management platforms

Any breach could lead to loss of customer trust and financial claims.

In summary

You need cyber insurance if your business:

✔ Stores or processes customer data

✔ Accepts digital payments or UPI

✔ Operates on cloud servers or SaaS tools

✔ Has employee systems connected to the internet

✔ Works in finance, healthcare, IT, retail or e-commerce

Real Cyber Attack Examples and Claims

Cyberattacks aren’t limited to large multinational companies. Small and medium businesses are increasingly becoming targets because they often have weaker security systems. This section brings the concept to life with real scenarios—many of them based on incidents faced by Indian businesses.

Example 1: Ransomware Attack at a Healthcare Network

Industry: Hospital chain
Incident: A ransomware virus entered the hospital’s system through a phishing email. The attackers encrypted patient records, billing data and lab reports. They demanded payment in cryptocurrency to unlock systems.
Impact: Operations were halted for 3 days. Emergency services were affected because patient histories were inaccessible.
How Cyber Insurance Helped:

  • Paid for cybersecurity experts to restore data
  • Covered ransom negotiation costs
  • Paid for PR support to manage patient trust

Example 2: Phishing Fraud in a Logistics Company

Industry: Logistics and supply chain
Incident: An employee received an email that looked like it was from a supplier, asking for updated payment details. The finance team transferred ₹35 lakhs to a fake account.
How Cyber Insurance Helped:

  • Social engineering fraud cover reimbursed financial loss
  • Forensic experts traced the breach
  • Legal support provided for filing a cybercrime complaint

Example 3: E-commerce Data Leak — Customer Lawsuit

Industry: E-commerce startup
Incident: Hackers gained access to the company’s database through an exposed API. Over 50,000 customer details—email addresses, phone numbers and partial card data—were leaked online.
Impact: Customers began receiving fraudulent calls and filed complaints.
How Cyber Insurance Responded:

  • Paid for customer notification and helpline support
  • Covered legal defence and negotiation costs
  • Paid compensation claimed by customers

Example 4: IT Services Company Sued by Foreign Client

Industry: IT services (B2B software provider)
Incident: A malware attack caused service disruption in a US-based client’s operations. The client sued the Indian IT firm for business losses.
Cyber Insurance Role:

  • Covered legal defence in both countries
  • Paid for third-party liability and contract breach claims
  • Managed data restoration costs

Example 5: Payroll Data Breach in a Manufacturing Company

Industry: Manufacturing
Incident: Hackers sent a fake internal email requesting salary account details. Employees unknowingly shared bank account and Aadhaar information.
Impact: Salaries were diverted. Employees filed legal complaints.
How Insurance Helped:

  • Covered employee notification and credit monitoring services
  • Paid legal costs to settle HR disputes
  • Forensic teams investigated internal email compromise

Takeaway

These examples show that cyber risk is no longer an IT issue—it is a business survival issue. Cyber insurance doesn’t prevent attacks—but it ensures your finances, legal obligations and reputation are protected when an attack happens.

Types of Cyber Insurance Policies

Cyber insurance is not a one-size-fits-all policy. Depending on a company’s size, data sensitivity, and digital exposure, insurers offer different types of cyber insurance policies. Understanding these helps businesses choose the right level of protection rather than overpaying for features they don’t need.

1. Small Business / SME Cyber Insurance Policy

Designed for startups, small companies, agencies, local retailers, and professional firms using digital tools.

Coverage Includes:

  • Data breach response (notifying affected people, restoring systems)
  • Cyber extortion and ransomware payment support
  • Basic business interruption cover
  • IT forensic costs

Who should buy it?
Freelancers, consultants, small e-commerce brands, CA firms, doctors, small clinics, digital agencies.

2. Comprehensive Cyber Liability Insurance (For Mid & Large Enterprises)

This is a full-scale policy designed for businesses that store large amounts of personal, financial or health data of customers or employees.

Coverage Includes:

Covered Examples
First-party loss Ransomware, data recovery, business downtime
Third-party liability Customer lawsuits, contract breach, privacy violation
Regulatory fines Penalties under IT Act or DPDP Act
Reputation management PR, crisis communication

Who should buy it?
Hospitals, e-commerce platforms, fintechs, SaaS companies, logistics firms, manufacturing enterprises, banks, NBFCs.

3. Technology Errors & Omissions (Tech E&O) + Cyber Insurance

Combine cyber insurance with professional liability protection for IT service providers.

Coverage:

  • Cyberattacks + data breach costs
  • Financial loss caused to client due to software failure, coding error, incorrect implementation
  • Contract breach due to downtime or data loss

Ideal for: IT service companies, software developers, cloud service providers, IT consultants, managed service providers (MSPs).

4. Individual Cyber Insurance (for Employees, Freelancers, Families)

Many insurers in India now offer cyber insurance for individuals to protect against digital fraud.

Coverage Includes:

  • UPI or internet banking fraud
  • Credit/debit card theft or phishing
  • Identity theft and fake loan applications
  • Cyberstalking, online defamation, social media account hacking

Ideal for: Working professionals, high-net-worth individuals, teenagers using digital payments, senior citizens using online banking tools.

5. Industry-Specific Cyber Policies (Custom Add-ons)

Some cybersecurity risks are industry-specific. Insurers allow custom policy extensions.

Industry Key Add-On Covers
Healthcare Patient data breach, telemedicine system attacks
Banking/Fintech PCI-DSS, RBI compliance, customer fund fraud
E-commerce Payment gateway breach, API hacking
Manufacturing Industrial control system (ICS) cyberattacks
Education Student data protection, online learning platform hacks

In summary

Whether you’re a solo consultant or a large enterprise handling millions of customer records, there is a cyber insurance policy suited to your size and risk exposure. The key is choosing the right policy type before buying.

Cost & Premium Factors for Cyber Insurance

Cyber insurance premiums are not fixed—they vary based on the size of your business, the kind of data you handle, your cybersecurity systems and whether you’ve faced past cyber incidents. Understanding these factors helps businesses avoid overpaying or being underinsured.

How Much Does Cyber Insurance Cost in India?

  • Small businesses/startups: ₹25,000 – ₹75,000 per year
  • Mid-sized enterprises: ₹1–5 lakh per year
  • Large organisations handling sensitive or financial data: ₹5–50 lakh or more

Premiums increase based on risk, data volume and insurance coverage limit.

Key Factors That Affect Cyber Insurance Premiums

1. Business Size and Annual Turnover

Larger organisations have more people, operations and data—so the exposure is higher. Premiums are calculated partly on your revenue.

2. Industry Type

Lower Risk Moderate Risk High Risk
Marketing agencies, small offices Retail, logistics, SaaS Healthcare, fintech, e-commerce, IT services, BFSI

Industries dealing with financial, health or identity data usually pay more.

3. Nature and Volume of Data Stored

Higher sensitivity = higher premium.

  • Storing Aadhaar, PAN, medical records or credit card data? High-risk.
  • Storing only employee attendance or non-sensitive data? Lower risk.

4. Existing Cybersecurity Systems

Insurers may offer lower premiums if your business has:
✔ Multi-Factor Authentication (MFA)
✔ Firewalls & endpoint protection
✔ Regular data backups & cloud security
✔ Employee cybersecurity training
✔ GDPR / DPDP compliance policies

5. Past Cyber Incidents or Claims

Businesses that have already suffered cyberattacks may pay more unless they demonstrate improved security measures.

6. Coverage Amount (Sum Insured)

This is the maximum amount the insurer will pay per claim or per year.

Coverage Limit Suitable For Example Cost
₹50 lakh – ₹1 crore Startups, consultants, small SaaS firms ₹25k–₹70k/year
₹1–5 crore Hospitals, mid-sized IT firms, e-commerce ₹1–5 lakh/year
₹5–50 crore+ Banks, fintechs, BPOs, data-heavy enterprises ₹5–50 lakh/year

Higher sum insured = higher premium.

7. Add-On Covers (Optional Extras)

Add-On Cover Impact on Premium
Social engineering fraud +10–20%
Business interruption coverage +5–10%
Cyber extortion/ransom payment +8–15%
Worldwide jurisdiction cover Higher
PCI-DSS liability (card payment compliance) For fintech/e-commerce only

In summary

Your premium depends on what you do, how much data you store, how well you protect it and how much coverage you want. A ₹30,000 policy can save your business from crore-level losses during a cyberattack.

How to Buy Cyber Insurance (Step-by-Step Guide)

Buying cyber insurance doesn’t have to be complicated. The key is to choose a policy that matches your business size, data sensitivity and regulatory obligations—rather than just picking the cheapest premium.

Here’s a step-by-step breakdown to make the process easier:

Step 1: Assess Your Cyber Risk

Ask yourself:

  • What kind of data do we store? (customer details, payment information, health records?)
  • Where is the data stored? (cloud, internal server, third-party tools?)
  • What would happen if systems go offline for 24–48 hours?
  • Have we ever faced phishing, ransomware or data theft before?

This helps determine the coverage amount you need.

Step 2: Decide Coverage Amount (Sum Insured)

Coverage should reflect your financial risk—not just your budget.

Company Type Ideal Coverage
Startup / Small business ₹50 lakh – ₹1 crore
SaaS / E-commerce / EdTech ₹1 – ₹5 crore
Hospitals / IT services / Logistics ₹5 – ₹10 crore
Fintech, BFSI, data-heavy enterprises ₹10–50 crore+

Step 3: Gather Business and IT Details for Insurers

Most insurers will request:

  • Business registration, GST or CIN details
  • Annual revenue and number of customers/users
  • Details of IT setup (firewalls, antivirus, backup systems)
  • Data storage tools (AWS, Azure, Google Cloud, on-premises server)
  • Past cyber incidents, if any

Step 4: Compare Quotes — Not Just Price, But Terms

When comparing insurers, check for the following:

Factor Why It Matters
Coverage Limit Maximum claim payout
Deductible / Retention Amount you pay before insurance applies
Ransomware & cyber extortion cover Crucial for modern attacks
Business interruption cover Reimburses income loss during downtime
Regulatory fine coverage Important due to DPDP Act in India
Response time How quickly the insurer starts breach support

Step 5: Finalise and Issue Policy

Once you choose a policy:

  • Fill out the proposal form
  • Sign a “No Known Loss Statement” (declaring no past unnoticed breaches)
  • Pay premium and receive policy documents digitally
  • Share incident reporting process with IT and HR teams

Step 6: Train Teams & Create a Cyber Response Plan

Insurance only helps after a breach—prevention still matters.

  • Train employees on phishing and password safety
  • Set up a response team (IT + legal + HR + finance)
  • Maintain backups and incident logs
  • Keep insurer’s claim helpline and policy number handy

In summary

The right cyber insurance policy is not just a financial product—it is part of your company's risk management framework. Choose wisely, document clearly and ensure your team knows what to do when a breach happens.

Frequently Asked Questions (FAQs) on Cyber Insurance

1. What is cyber insurance in simple words?

Cyber insurance protects a business from financial losses, legal claims and recovery expenses when a cyberattack, data breach or digital fraud happens.

2. Is cyber insurance mandatory in India?

No, it is not legally mandatory. However, sectors like banking, IT services, healthcare and companies working with foreign clients often require it for compliance or contractual purposes. Many investors and corporate clients now ask startups to show proof of cyber liability coverage.

3. Does cyber insurance cover ransomware attacks?

Yes. Most policies cover:
✔ Ransom payment and negotiation costs
✔ System recovery and data decryption support
✔ Legal and forensic investigation expenses

However, ransom payment is only covered if it is legal under Indian law.

4. Does it cover phishing or email fraud?

Only if your policy includes Social Engineering Fraud or Funds Transfer Fraud as an add-on. Basic cyber policies may not cover losses if employees voluntarily transfer money to a fraudulent account.

5. Will it pay penalties or fines under the DPDP Act or IT Act?

Some policies cover regulatory penalties (where legally permissible), but only if:

  • Your business was compliant before the breach
  • You reported the breach within mandatory timelines
  • The penalty is insurable under Indian law

6. What types of businesses should buy cyber insurance?

Any business that uses digital tools, stores data, accepts online payments or operates on cloud systems should consider it. This includes startups, SaaS companies, fintechs, IT firms, hospitals, e-commerce platforms, BPOs, schools and even retailers.

7. Does cyber insurance cover employee mistakes?

Yes, if the mistake is accidental (such as clicking a phishing link). But if the employee commits fraud or steals money/data intentionally, it is not covered—this needs Employee Dishonesty Insurance.

8. What is not covered by cyber insurance?

  • Physical theft of laptops/servers
  • Employee fraud or internal theft
  • Known security vulnerabilities left unfixed
  • Cyberattacks related to war or terrorism (unless add-on is purchased)
  • Loss of future business revenue or intellectual property value

9. Can individuals buy cyber insurance?

Yes. Many insurers offer personal cyber insurance covering UPI fraud, debit/credit card theft, identity theft and social media hacking for individuals and families.

10. How do I make a claim if a cyberattack happens?

  1. Report the attack to the insurer immediately
  2. File an FIR or cybercrime complaint if required
  3. Submit logs, screenshots, invoices, forensic reports
  4. The insurer verifies the incident and approves expenses
  5. Compensation is released as per policy limits

Why Choose Plum for Cyber Insurance

Cyber insurance is not just about buying a policy—it’s about choosing the right protection for your business, understanding what is covered, and getting support when an actual breach happens. Plum helps companies navigate all three.

1. Access to Trusted Cyber Insurance Providers

Plum works with leading IRDAI-approved insurers like HDFC ERGO, ICICI Lombard, Tata AIG, Bajaj Allianz, Reliance General and Future Generali. This ensures:

  • Coverage is compliant with Indian regulations
  • Policies can be customised for startups, SMEs and large enterprises
  • You receive multiple quotes—not just one insurer’s option

2. Tailored Coverage for Your Industry and Business Size

Plum helps match cyber insurance coverage to your specific risk profile.

Business Type What Plum Helps Cover
Startups / SMEs Data breach, ransomware, basic liability cover
SaaS / IT services Client contract liability + technology E&O
Hospitals / Clinics Patient data breach, medical records protection
E-commerce / Fintech Payment fraud, cyber extortion, privacy lawsuits
Banks / NBFCs / BFSI PCI-DSS compliance, financial fraud, DPDP penalties

3. Quick Digital Onboarding — No Paperwork Hassles

  • Risk assessment, proposal form and underwriting are done digitally
  • Policy documents and Certificate of Insurance are issued online
  • This helps when investors, clients or landlords require proof of insurance

4. Support During a Cyber Incident / Claim

Many organisations do not know what to do first when a cyberattack happens. Plum offers structured claim assistance:

  • Guides you on immediate steps to take (isolation, reporting, FIR, CERT-In notification)
  • Coordinates with insurers for data breach response teams and forensic experts
  • Helps with documentation — legal notices, invoices, audit reports, email logs etc.
  • Assists in claim filing and follow-ups until settlement or resolution

While the final decision lies with the insurer, correct and timely reporting improves approval chances.

5. Affordable for SMEs and Scalable for Enterprises

  • Policies start at ₹25,000–₹50,000 per year for small businesses
  • Coverage options from ₹50 lakh to ₹50 crore+ based on risk
  • Premiums scaled according to revenue, data volume and compliance structure

In Summary

Plum does not change the core insurance policy—it simplifies how you buy it, customise it, and use it when something goes wrong. With transparent comparisons, expert guidance and claim support, Plum makes cyber insurance practical for modern Indian businesses.

Protect your business with Plum.

Plum’s Business Insurance suite covers the risks that keep founders up at night.

Book a demo
products
Group Health Insurance
Group Term Life Insurance
Group Personal Accident Insurance
Healthcare for teams
Care Program
Health Checkup
Telehealth
Mental Health
Personal insurance
Health Insurance
Life Insurance
Super Top-up
Solutions
For Startups
For SMBs
For Enterprise
Resources
Case Studies
Blog
E-books
Humanise
Experience
Plum Care
Employee
Admin
Business Insurance
Directors and Officers Insurance
Cyber Insurance
Commercial General Liability Insurance
Errors and Omissions Insurance
Employee Dishonesty Insurance
Asset Insurance
Resources
Case Studies
Blog
E-books
Humanise
Company
About Us
Careers
Terms and Conditions
Contact
Plum Support
Sales Enquiries: sales@plumhq.com
Press and Media Enquiries:
media@plumhq.com

Primeco Union City, Block B, 6th Floor, ITPL Main Rd, Bengaluru, Karnataka 560067

ISO/IEC 27001:2013, SOC 2 Type 2, and GDPR certified

Insurance products are offered and serviced by Plum Benefits Insurance Brokers Pvt Ltd | IRDAI Registration Code: IRDA/DB1001/2022, Certificate No. 897, License category - Direct Broker (Life & General), Valid till 04-06-2026 | CIN U66000KA2022PTC160458

Disclaimer
Privacy policy
Grievance redressal