Cyber Insurance
Call Us: 603-766-3733
A single ransomware attack cost a mid-sized manufacturer in southern New Hampshire $4.2 million last year: $1.1 million in ransom payment, $800,000 in forensic investigation, and the rest in lost revenue during three weeks of downtime. Their general liability policy covered none of it. Their cyber policy, purchased 18 months earlier for under $15,000 annually, covered nearly all of it. That gap between protected and exposed is exactly why cyber insurance deserves serious attention from every business owner and high-net-worth family managing digital assets, smart home systems, or even a modest e-commerce operation. This guide to data breach response, ransomware recovery, business interruption, and cyber extortion coverage breaks down what you actually need to know before a breach forces you to learn the hard way.
The Evolution of Cyber Insurance in the Modern Threat Landscape
Cyber insurance barely existed before 2005. Early policies were bolted onto professional liability forms and mostly addressed data breach notification costs. By 2020, ransomware had exploded, and insurers scrambled to price risk they barely understood. Fast forward to 2026, and the market has matured considerably: premiums have stabilized after sharp increases between 2021 and 2024, coverage forms are more standardized, and underwriters now require specific security controls before they'll even quote a policy.
The market shift matters for buyers. Carriers like Coalition, Corvus, and specialty divisions within Chubb and AIG have built sophisticated risk models that reward businesses with strong security postures. Premiums for well-prepared organizations have actually decreased 8-12% since 2024, while poorly secured businesses face surcharges or outright declinations. This isn't a commodity product you grab online for the cheapest price: it's a coverage area where a consultative approach, like the one Avery Insurance Agency has used for over 125 years, genuinely pays off by matching your specific risk profile to the right carrier and form.
Defining First-Party vs. Third-Party Coverage
First-party coverage pays for your own losses: forensic investigation, data restoration, business interruption, ransom payments, crisis communications, and credit monitoring for affected customers. This is the coverage that keeps your business alive during and after an incident.
Third-party coverage handles claims others bring against you: lawsuits from customers whose data was compromised, regulatory fines and penalties, and defense costs from government investigations. If you store customer financial data, health records, or personally identifiable information, third-party exposure is significant.
Most standalone cyber policies bundle both. The critical question is how much of each you need, which depends on your data footprint, revenue, and industry.
Key Policy Exclusions and Common Limitations
Every cyber policy has gaps. Common exclusions include acts of war (which increasingly covers nation-state attacks), unpatched known vulnerabilities, and losses from systems you knew were compromised before the policy period began. Social engineering fraud, where an employee is tricked into wiring money, often requires a separate endorsement.
Retroactive dates matter enormously. If a breach occurred before your policy's retroactive date but was discovered during the policy period, you may have no coverage. Sub-limits are another trap: a policy with a $5 million aggregate might cap ransomware payments at $500,000 or forensic costs at $250,000. Read the declarations page carefully.
By: Tod O’Dowd, CIC, CAPI
President of Avery Insurance Agency
When a breach happens, the clock starts immediately. All 50 states plus the District of Columbia have breach notification laws, and the timelines vary from 30 to 90 days. Miss a deadline, and you're looking at regulatory penalties on top of the breach costs themselves. A good cyber policy doesn't just reimburse these expenses: it provides a breach response team, often through a pre-selected panel of vendors, that activates within hours.
The legal exposure from a data breach extends well beyond notification letters. Class action lawsuits following breaches routinely settle in the tens of millions for larger organizations. Even smaller businesses face individual claims, state attorney general investigations, and potential PCI-DSS fines if payment card data was involved.
Forensic Investigations and Evidence Preservation
Forensic investigators determine how attackers got in, what data was accessed, and whether the threat has been contained. This work typically costs between $200 and $500 per hour, and complex investigations can run $300,000 or more. Your cyber policy should cover these costs under first-party coverage, but pay attention to whether the insurer requires you to use their approved forensic firms.
Evidence preservation is both a legal and practical necessity. Wiping systems before forensics are complete can destroy evidence needed for law enforcement cooperation and may actually void portions of your coverage. The best policies include pre-breach planning services that establish evidence preservation protocols before an incident occurs.
Regulatory Fines and Mandatory Notification Costs
Notification costs add up faster than most people expect. Printing, postage, call center setup, credit monitoring subscriptions, and identity theft protection services for affected individuals can run $5 to $30 per record. A breach affecting 50,000 records could easily generate $500,000 in notification costs alone
Regulatory fines vary dramatically by jurisdiction. HIPAA violations can reach $2.1 million per violation category per year. State-level fines under laws modeled after California's CCPA range from $2,500 to $7,500 per intentional violation. Not all policies cover regulatory fines, and some states prohibit insuring against certain penalties, so this is an area where policy language matters enormously.
Ransomware Recovery and Cyber Extortion Protocols
Ransomware attacks hit a business every 11 seconds globally in 2025, and the average ransom demand for mid-market companies now exceeds $1.5 million. The decision to pay or not pay is agonizing, and your cyber insurance policy shapes that decision in ways most policyholders don't anticipate until they're in crisis mode.
The Role of Ransomware Negotiators and Cyber Adjusters
Most quality cyber policies provide access to professional ransomware negotiators. These specialists communicate with threat actors, verify that decryption keys actually work, and frequently negotiate demands down by 40-60%. They also check ransom recipients against OFAC sanctions lists, which is critical because paying a sanctioned entity can trigger federal penalties regardless of the circumstances.
Cyber adjusters differ from traditional claims adjusters. They understand network architecture, can evaluate whether forensic costs are reasonable, and coordinate between legal counsel, PR firms, and IT teams simultaneously. Having an insurer with experienced cyber adjusters, rather than generalists handling their first ransomware claim, can mean the difference between a three-week recovery and a three-month nightmare.
Coverage for Payment of Ransoms vs. Data Restoration
| Coverage Element | Standard Cyber Policy | Enhanced Cyber Policy |
|---|---|---|
| Ransom payment | Covered with sub-limit ($250K-$500K typical) | Covered up to full policy limit |
| Data restoration | Covered, often with 72-hour waiting period | Covered from hour one |
| System rebuilding | Partial: software only | Full: hardware and software |
| Negotiator access | Panel vendor required | Choice of vendor |
| Bricking coverage | Excluded | Included (hardware rendered useless) |
The distinction between ransom payment coverage and data restoration coverage is important. Even when a ransom is paid, decryption often fails or only partially recovers data. Policies that include strong data restoration and system rebuilding coverage protect you regardless of whether the ransom route works.
Mitigating Financial Losses from Business Interruption
Business interruption is often the largest component of a cyber loss. The attack itself might be contained in days, but the revenue impact can stretch for months. Cyber business interruption coverage functions similarly to traditional BI coverage but is triggered by a cyber event rather than physical damage.
Calculating Lost Revenue During System Downtime
Insurers typically calculate lost revenue based on your historical financial records, comparing actual revenue during the interruption period to what you would have earned. The waiting period (often 8-12 hours for standard policies) is a deductible of sorts: losses during that window come out of your pocket.
One common mistake is underestimating the interruption period. A company might restore systems in five days but lose customers for months afterward. Extended indemnity periods, which cover ongoing revenue loss after systems are back online, are worth negotiating into your policy. At Avery Insurance Agency, our consultative approach specifically examines these tail-risk scenarios that standard quotes often overlook.
Dependent Business Interruption and Supply Chain Risks
Your business doesn't exist in isolation. If your cloud provider, payment processor, or key supplier suffers a cyber attack, your revenue stops even though your own systems are fine. Dependent business interruption coverage (sometimes called contingent business interruption) addresses this exposure.
This coverage has become essential as supply chains grow more digitally interconnected. The 2025 attack on a major logistics platform disrupted shipping for thousands of e-commerce businesses for nearly two weeks. Companies with dependent BI coverage recovered financially; those without absorbed the losses entirely.
Getting approved for cyber insurance has become significantly harder since 2022. Carriers now require evidence of specific security controls, and applications have grown from two-page questionnaires to detailed technical assessments.
Essential Controls: MFA, Encryption, and Backups
Three controls are non-negotiable for virtually every cyber insurer in 2026:
- Multi-factor authentication on all remote access, email, and privileged accounts
- Encryption of sensitive data at rest and in transit
- Offline, immutable backups tested at least quarterly
Missing any of these three will result in a declination from most carriers or a significant premium surcharge. Endpoint detection and response (EDR) tools, privileged access management, and employee security training are increasingly required as well.
Risk Assessments and the Impact of Incident History
Underwriters review your claims history, but they also look at your security maturity. Organizations that conduct regular penetration testing, maintain an incident response plan, and can demonstrate board-level oversight of cybersecurity receive materially better terms.
A prior cyber claim doesn't automatically disqualify you, but how you responded matters. Companies that suffered a breach, improved their controls, and can document those improvements often receive competitive quotes. Companies that suffered a breach and changed nothing face steep premiums or declinations.
Cyber insurance is no longer optional for any organization handling sensitive data or dependent on digital systems, which in 2026 means essentially everyone. The right policy covers breach response costs, ransomware recovery, lost revenue during downtime, and the legal fallout from compromised data. The wrong policy, or worse, no policy at all, leaves you absorbing six- and seven-figure losses that could have been transferred for a fraction of the cost.
Start by auditing your current security controls against the MFA, encryption, and backup requirements that carriers demand. Then work with an independent agency that understands cyber risk at a granular level. Avery Insurance Agency's team can evaluate your digital exposure alongside your broader asset protection strategy, ensuring no gaps exist between your cyber, general liability, and professional liability coverage. Call to schedule a consultation before your next renewal.
Frequently Asked Questions
How much does cyber insurance cost for a small business? Premiums for businesses with under $25 million in revenue typically range from $3,000 to $25,000 annually, depending on industry, data volume, and security controls in place.
Does my general liability policy cover data breaches? Almost certainly not. General liability policies contain broad cyber exclusions. You need a standalone cyber policy or a specific cyber endorsement.
Will my insurer pay a ransom without my approval? No. The decision to pay always rests with the policyholder. Your insurer provides negotiators and guidance, but you make the final call.
Can I get cyber insurance if I've already had a breach? Yes, though expect more scrutiny. Carriers want to see what remediation steps you took after the incident. Documented improvements to your security posture help significantly.
What's the typical waiting period for business interruption coverage?
Most policies have an 8 to 12-hour waiting period before business interruption coverage kicks in. Some enhanced policies reduce this to as little as one hour.
ABOUT THE AUTHOR:
Tod O’Dowd, CIC, CAPI
I'm the President of Avery Insurance Agency, a family-owned independent agency serving individuals and businesses across New England and in 40+ states. With a hands-on, consultative approach to personal and commercial risk, I help clients — from high-net-worth homeowners and contractors to restaurant owners and property managers — find the right coverage without the guesswork of working with a single-carrier agent.
What Our Clients Say
Trusted by Families and Businesses for Over a Century
Trusted by New Hampshire Families and Businesses for Over a Century
Your Life. Protected.
Complete Personal Insurance for Individuals Who Expect More
One Agency. Every Coverage You Need. No Gaps, No Surprises.
Home Insurance
Your home is your most valuable asset. Avery’s home insurance protects your property, belongings, and liability so you can feel secure no matter what happens.
High-Value Home Insurance
Own a home valued over $2 million? Our Premier Client Services program provides coverage built around high-value properties and the unique risks they carry.
Auto Insurance
Whether you drive a daily commuter, a classic car, or a motorcycle, Avery finds the right auto coverage for your vehicle and your budget.
Boat & Watercraft Insurance
From small boats on New Hampshire’s lakes to luxury yachts, Avery provides watercraft insurance covering your vessel, passengers, and liability on the water.
Umbrella / Personal Liability Insurance
An umbrella policy adds an extra layer of liability protection above your home and auto coverage. One of the most cost-effective ways to protect your financial future.
Valuable Possessions Insurance
Jewelry, art, collectibles, and other high-value items need coverage beyond a standard homeowners policy. Avery insures your most prized possessions at full appraised value.
Protect Your Business & Livelihood
Commercial Insurance Solutions Designed for New England Businesses.
Comprehensive Commercial Coverage That Keeps Your Business Running
General Liability Insurance
Protect your business from third-party claims of bodily injury, property damage, and personal injury. General liability is the foundation of any solid business insurance program.
Commercial Property Insurance
Covers your building, equipment, inventory, and other physical assets against fire, theft, vandalism, and other covered losses. Keep your business protected from the unexpected.
Workers’ Compensation Insurance
Workers’ comp covers medical costs and lost wages when an employee is injured on the job. Avery helps businesses meet state compliance requirements and manage costs effectively.
Cyber Liability Insurance
Data breaches and cyberattacks are a growing risk for businesses of all sizes. Cyber liability covers response costs, legal fees, and customer notification expenses after a security incident.
Employment Practices Liability Insurance
Covers your business against employee claims of wrongful termination, discrimination, harassment, and related issues. Essential for any business with employees.
Commercial Auto Insurance
Whether a single truck or a full fleet, commercial auto insurance protects your business against accidents, damage, and liability on the road.
We Know Your Industry
Tailored Insurance Programs for the Industries That Drive New Hampshire
We Understand the Risks Your Industry Faces — and How to Manage Them
Contractors Insurance
From general contractors to specialty trades, Avery understands the unique liability and property exposures your business faces on every job site in New England. We build coverage programs that keep your crew and company protected.
Restaurants & Hospitality
Restaurants, hotels, and marinas face distinct risks — from slip-and-fall liability to liquor liability and food spoilage. Avery designs coverage programs for the specific needs of the hospitality industry.
Real Estate & Property
Whether you own a portfolio of investment properties or manage a condo association, Avery provides the right mix of property, liability, and management coverage to protect your real estate investments.
We Make It Simple
Getting Covered with Avery Is Easy
Step 01
Connect with an Avery Advisor
Call, email, or request a coverage online and we will respond the same business day.
Step 02
We Build Your Coverage Plan
We shop top-rated carriers, compare your options, and recommend the best fit for your needs.
Step 03
You Get Protected and Stay Protected
We place your coverage, review it annually, and advocate for you if you ever need to file a claim.
Let’s Clear Things Up
Got Questions? We’ve Got Answers.
Straight Answers From the Advisors Who Know This State Best
What does it mean that Avery is an independent insurance agency?
An independent agency like Avery is not tied to any single insurance company. We represent multiple top-rated carriers, which means we can shop the market on your behalf and recommend the coverage that truly fits your needs — not the one that benefits any single insurer.
This independence gives you access to more options and unbiased advice. Our advisors are compensated to serve your interests, not to push a specific product. That is a significant advantage over captive agents who can only offer one carrier’s policies.
How much does it cost to work with an Avery advisor?
There is no direct cost to you for working with an Avery advisor. Independent agents are compensated through commissions paid by the insurance carriers when a policy is placed. You receive expert guidance, market comparisons, and ongoing service at no extra charge.
In fact, many clients find that working with Avery saves them money. Our advisors know how to identify the right coverage levels so you are not paying for protection you do not need, and you are not left exposed where you do.
Does Avery help with claims?
Yes — and this is one of the most important things that sets Avery apart. When you have a claim, our in-house claims advisors go to work for you. We guide you through the process, communicate with the insurance company, and advocate for a fair and timely outcome.
Several of our team members hold professional claims designations, including AIC and AINS. We do not just help you file paperwork — we actively represent your interests to make sure you receive the full benefit your policy provides.
Where in New Hampshire does Avery provide coverage?
Avery serves clients throughout the state of New Hampshire from our offices in Wolfeboro and Portsmouth. Whether you live in the Lakes Region, the Seacoast, the White Mountains, or the Merrimack Valley, an Avery advisor is ready to help you find the right coverage.
Our advisors understand the specific risks that come with living and doing business in New Hampshire — from harsh winter weather to seasonal watercraft exposure. We apply that local knowledge to every coverage recommendation we make.
How does Avery handle high-value homes and assets?
Avery offers a dedicated Premier Client Services program for clients with homes valued over .5 million, significant investment portfolios, fine art collections, jewelry, yachts, and other complex assets. This program pairs you with a specialist who understands the unique risks of high-net-worth households.
Through carriers that specialize in high-value personal lines, we provide guaranteed replacement cost coverage, agreed value policies, and comprehensive risk management strategies. Your advisor will conduct a detailed review of your full asset portfolio to make sure nothing is overlooked or underinsured.
How often should I review my insurance coverage?
Avery recommends a full coverage review at least once a year. Major life events — buying a home, starting a business, adding a vehicle, getting married, or making significant home improvements — are all good triggers for an immediate review outside your annual cycle.
Insurance needs change over time, and policies that were right for you a few years ago may leave gaps today. Avery advisors proactively reach out to clients for annual reviews and keep up with changes in the insurance market that could affect your coverage or premium. Our goal is to make sure you are always protected and never paying for coverage that no longer fits.
Insurance Tips & News
Stay Informed with the Avery Blog
Practical Insurance Advice for New Hampshire Families and Business Owners
Contact Us
Portsmouth (HQ)
7 Islington St #102, Portsmouth, NH 03801
Phone Number: 603.766.3733
Wolfeboro
21 S Main Street, Wolfeboro, NH 03894
Phone Number: 603.569.2515