Off-Canvas Menu Button

Cyber criminals love small businesses

Learn how to help protect your small business with the Cyber Savvy insurance guide

VIEW THE INSURANCE GUIDE
Insurance Bureau of Canada Logo

Brought to you by Insurance Bureau of Canada, Canada’s trusted source for property and casualty (P&C) insurance knowledge, resources and advocacy.

Cyber crime is a lucrative operation, and some artificial intelligence tools are being misused to make it even more efficient. All it takes is one click. What might look like an attached invoice or a security alert could launch your business into a full-blown crisis with financial loss, lawsuits and a damaged reputation.

That’s why it is more important than ever for businesses and organizations to take proactive measures to protect themselves. This means having a robust defence strategy, including building a strong cyber security plan and helping protect your company with the right cyber insurance policy.

Did you know?

Canada ranks second in the world for countries most affected by ransomware attacks, with 216 victims in the first half of 2025.
(Source: Toronto Star, August 5, 2025.)

The average total cost of a data breach to a Canadian company is almost $7 million.
(Source: IBM, Cost of a Data Breach Report, 2025. Converted from USD on September 16, 2025.)

Fast Facts: Cyber Insurance Explained

  • Cyber insurance is a specialty insurance product intended to help protect businesses from loss resulting from digital risks such as data confidentiality breaches, technology disruptions and cyber extortion.

  • Cyber insurance can cover loss resulting from a range of cyber events, including:

    • Data confidentiality breaches: The loss of and/or unauthorized access to or disclosure of confidential or personal information.
    • Technology disruptions: A technology failure or denial-of-service attack.
    • Cyber extortion: A demand for payment under threat of causing harm to your data; for example, disabling your operations or compromising your confidential data.
    Note: This list is not exhaustive as cyber coverage can vary from insurer to insurer and can be customized to address the needs of a particular organization.

  • Cyber insurance can help businesses cover a number of costs resulting from these cyber events, including:

    • Network systems and electronic data restoration expenses: Restoring or recovering damaged or corrupted data caused by a breach, denial-of-service attack, or ransomware.
    • Security breach remediation and notification expenses: Notifying affected parties and mitigating potential harm from a privacy breach, such as providing credit monitoring to affected individuals.
    • Forensic investigations expenses: Hiring a firm to investigate the root cause and scope of the data breach.
    • Legal costs and civil damages: Paying for legal representation up to the policy’s specified limit, and possible damages related to a privacy or network security breach.

  • No, most property or liability policies do not cover cyber risks, data confidentiality breaches or have offer very limited coverage. Cyber insurance products are provided in one of three ways:

    • Stand-alone cyber insurance policies (policies specifically for cyber risks) are the most common cyber policies in Canada, the United States and Europe.
    • A traditional property and liability insurance policy that may include limited coverage for some cyber events. These policies typically have low limits that would not cover the full cost of a breach or cyber attack.
    • Endorsements (also known as riders) can add, remove or exclude certain cyber coverages, altering a cyber or traditional insurance policy to meet specific needs.
    IBC encourages business owners to determine if cyber insurance is right for them. Their insurance representatives can help find coverage that will provide them with optimal protection.

Thinking about getting cyber insurance?
Explore IBC’s free resources to get started

Cyber Savvy Insurance Guide
Learn about defending your organization with cyber insurance, and the critical steps to reduce the chances of your business being targeted.
Click to View
Cyber Insurance Checklist
List of questions you could be asked when applying for cyber insurance
Click to View
Creating A Cyber Security Plan
Measures you should consider when developing your cyber plan (Canadian Centre for Cyber Security)
Click to View
Cyber Savvy Checklist
Get a better understanding of whether you are taking the right steps to help safeguard your business from cyber risk
Click to View

Cyber Insurance Assessment

Take this 10-question Cyber Insurance Assessment to learn more about the cyber security protocols that most cyber insurers want you to have and for ways to reduce your business’ risk. This assessment also offers some questions that cyber insurers may ask you.

LET’S BEGIN

Step 1 of 10

1. Does your business collect, process or store customers’ personal, confidential or financial information (e.g. home addresses, health records, credit card numbers)?(Required)
Disclaimer: Insurance Bureau of Canada’s Cyber Insurance Assessment provides general information about cyber risk for your convenience only. This information should not be construed as providing specific cyber security advice.

Research & News

Insurance Bureau of Canada recently conducted a poll on actions, knowledge and sentiment about cyber risk and cyber security among business owners and decision makers at small and medium-sized businesses in Canada.

Click to View
Media Release
Click to View
Research

What does a cyber attack look like?

Harmonizing cyber reporting – A step toward more predictable regulation

ibc.ca
 - August 7, 2025
View Article

Cyberattacks are at an all-time high globally. Here’s where Canada ranks

thestar.com
 - August 5, 2025
View Article

How trade policies are expanding supply chain cyber risks

weforum.org
 - May 20, 2025
View Article

School boards hit with ransom demands linked to PowerSchool cyberattack

cbc.ca
 - May 7, 2025
View Article

Click to View News Archive

More Information

Cyber Savvy Insurance Guide
Learn about defending your organization with cyber insurance, and the critical steps to reduce the chances of your business being targeted.
Click to View
Cyber Safety
Be cyber savvy and stay current with cyber safety best practices
Click to View
Protect Your Business
Steps you can take to protect your organization’s networks and information from cyber threats
Click to View
CyberSecure Certification
Consider Canada’s cybersecurity certification program for your small or medium-sized organization
Click to View
Security Planner
Create a personalized plan to secure your data
Click to View
Get Cyber Safe
Simple steps you can take to reduce cyber risk
Click to View
Phishing: don’t get reeled in
Learn more about the most common cyber threat
Click to View
Have you been a victim of cybercrime?
Information from the RCMP on how to report cybercrime
Click to View
Canadian Anti-Fraud Centre
Get information on past and current scams affecting Canadians
Click to View

About

The Cyber Savvy Canada website was created by the Insurance Bureau of Canada (IBC) to help increase cyber awareness among Canadian employees and businesses and educate on the simple steps we can all take to reduce our cyber risk at work.

Established in 1964, Insurance Bureau of Canada (IBC) is the national industry association representing Canada’s private home, auto and business insurers. Its member companies make up the vast majority of Canada’s highly competitive property and casualty (P&C) insurance market.

Are you a business owner? IBC is here to help.

Business owners with questions about how to protect their business from cyber risks, including cyber insurance, can visit ibc.ca or call IBC’s Business Helpline at 1-844-2ask-IBC.

Insurance Bureau of Canada Logo
Cyber Savvy Logo
Facebook Icon" Instagram Icon" X Icon" LinkedIn Icon"