Cyberattacks Can Destroy a Business in an Instant
Imagine your company’s entire operational system suddenly being locked down. Customer data is inaccessible, transactions are halted, and company email is compromised by hackers. Within hours, your reputation and customer trust are destroyed, and financial losses begin to mount.
That is the real impact of cyber attacks.
Cases like this are no longer fiction or confined to foreign countries. Indonesia now has one of the highest rates of cyberattacks in Asia, especially following major incidents such as:
- Ransomware attack on National Data Center (PDN) in 2024,
- Tokopedia and BSI data leak,
- Up to 1.3 million users’ data sales MyPertamina in dark forums.
- Amidst these increasing threats, Cyber Insurance is present as a very important form of financial protection for companies.
However, many business people in Indonesia do not yet understand what is actually guaranteed and excluded by cyber insurance policies.
This is where PT. Liberty and General Insurance Broker (L&G Insurance Broker) plays a role in helping companies thoroughly understand the policy’s contents, ensuring that protection is truly effective when an incident occurs.
Contact L&G Insurance Broker now at Phone number 08118507773 for a free consultation before the risks haunt your business.
What is Cyber Insurance and Why is it Necessary
Cyber insurance is a type of protection that covers financial losses resulting from attacks or disruptions to a company’s digital systems, data, or computer networks.
The main objectives of this insurance are:
- Protect asset digital,
- Cover the cost of recovery,
- Provide compensation for lost income,
- And manage legal and reputational impacts.
In the Indonesian context, this need has become increasingly relevant since the enactment of the Personal Data Protection Law (PDP Law) in 2022, which requires every data manager to maintain security and be accountable for any leaks of personal information.
Types of Protection (Coverage) in Cyber Insurance Policy
Cyber insurance coverage can be divided into two large groups: first-party cover (losses experienced by the company itself) and third-party cover (legal liability towards other parties).
Here is the complete explanation:
- First-Party Cover (Direct Loss)
- Data Breach Response
Cover the costs arising from a breach of customer or employee personal data, including:
- Notification to data owners,
- Legal consultation fees,
- Credit monitoring services,
- Public relations (PR) costs to control a reputation crisis.
📌Example: An e-commerce company in Jakarta experienced a data breach involving 200,000 customers. Notification and media management costs reached Rp 1.2 billion—all covered by a cyber insurance policy.
- Cyber Extortion / Ransomware
Cover the costs of system recovery, negotiations, and even ransom payments to hackers (within applicable legal limits).
It usually also includes the cost of a forensic IT consultant.
📌Example: A ransomware attack on Bank Syariah Indonesia (2023) caused national disruption. With cyber policy, the company could obtain emergency funding to restore its systems and negotiate with the hackers.
- Business Interruption
Provides compensation for lost income or additional costs arising from computer system disruptions.
📌Example: A factory’s ERP system is down for 5 days due to malware. The policy covers lost revenue and the cost of renting a backup server.
- Data Restoration
Covers the costs of recovering, restoring, or replacing digital data lost or damaged due to an attack.
- Reputation Management
Covers the costs of PR consultants, media campaigns, and crisis communications to restore the company’s image after a cyber incident.
- Third-Party Cover (Legal Liability)
- Network Security Liability
Bear legal responsibility if the company system is used as a source of attack that harms other parties.
📌Example: Your company’s server is hacked and used to launch a DDoS attack on another company — you could be sued, and your legal defense costs would be covered by the policy.
- Privacy Liability
Cover legal costs and compensation due to negligence in protecting the personal data of third parties (customers, clients, or employees).
- Regulatory Fines and Penalties
Bear fines or sanctions from regulators for violations of personal data policies, as long as they do not conflict with applicable laws.
- Media Liability
Cover legal risks related to digital content such as publication errors, defamation, or copyright infringement on the company’s website/social media.
Optional Endorsements
Brokers like L&G Insurance Broker often help companies add additional coverage to better suit industry-specific needs, including:
| Additional Coverage | Description |
| Social Engineering Fraud | Covering losses due to social manipulation such as fake emails (phishing) that cause staff to transfer funds to fraudsters’ accounts. |
| Cryptojacking | Protection against misuse of company servers to mine cryptocurrency without permission. |
| Reputational Harm Loss | Compensation for decreased income due to negative media coverage following the attack. |
| System Failure (Non-Malicious) | Covers losses due to internal system disruptions, not due to hacker attacks. |
What is Excluded (Exclusions)
It is equally important to understand what the police do not cover.
Brokers like L&G ensure clients understand all exclusions before purchasing a policy, to avoid any surprises when it comes to claims.
Here are some common exclusions in cyber insurance:
| Category | Exceptions |
| Intentional Acts | Attacks or leaks carried out intentionally by company employees or management. |
| War and Terrorism | Cyber attacks are categorized as acts of cyber war or national-scale terrorism. |
| Public Infrastructure Failure | Disruptions due to power outages, internet outages, or third-party network failures. |
| Physical Loss | Hardware damage is not included, unless specifically guaranteed. |
| Criminal Fines / Illegal Actions | Criminal penalties or sanctions for violations of the law are not guaranteed. |
Extreme Carelessness Complete failure to implement basic security systems, such as not using passwords or firewalls.
Why Is Cyber Policy Wording So Complex?
Unlike fire or vehicle insurance, cyber insurance policies do not have global standards.
Each insurance company has different definitions, clauses and limitations.
Therefore, the role of brokers like L&G is very important to:
- Examining the policy wording in detail,
- Explaining the meaning of each technical term,
- Comparing policies between insurers,
- Negotiating a waiver of exclusion.
A single misinterpretation of a term can lead to a claim being denied. For example, the difference between “cyber extortion” and “cyber terrorism” can determine whether or not a claim is covered.
Real Case Example: Scope Differences Make a Big Difference
Case 1: Phishing Attack Without Social Engineering Coverage
A financial company lost Rp 8 billion because its staff transferred money to a hacker’s account after receiving a fake email from the “Director”.
Their cyber policy did not cover social engineering fraud, so the claim was rejected.
After consulting with L&G Insurance Broker, their new policy was added with a Social Engineering Coverage clause.
Case 2: Data Leak at a Health Clinic
Patient data was leaked due to a Trojan horse. L&G assisted the client in preparing notification documents, reporting to regulators, and processing a claim for PR costs totaling Rp 2 billion.
The claim was approved within 30 days as all documentation was in accordance with the policy provisions.
Case 3: ERP System Downtime
A factory stopped operating for 4 days because the server was attacked by ransomware.
L&G Brokers assist in activating the Business Interruption clause with evidence of IT audits and financial reports.
The claim of Rp 9.7 billion was paid in full by the insurer.
The Role of L&G Insurance Brokers in Determining Appropriate Coverage
Determining the extent of cyber insurance coverage cannot be done carelessly.
Every business has a different risk profile — and this is where L&G Insurance Broker’s expertise comes into play.
Common steps taken by L&G include:
- Risk Profiling – mapping digital exposure and potential financial impact.
- Coverage Design – tailoring coverage to the client’s specific risks.
- Policy Review – comparing wording between insurers and assessing policy limits.
- Premium Negotiation – reducing costs without reducing benefits.
- Claim Assistance – ensures claim payments are in accordance with the actual loss value.
With experience across sectors such as mining, energy, logistics and technology, L&G is able to tailor policy coverage to the needs of local and international businesses.
Broker Tips: Things to Consider Before Buying Cyber Insurance
✅Make sure the policy wording is read and explained by the broker.
✅Choose a coverage limit that is commensurate with the digital risk value.
✅Don’t forget to add optional covers such as social engineering and reputation harm.
✅Set up minimum security protocols (MFA, backup, firewall) to meet underwriting requirements.
✅Use an experienced broker like L&G to ensure the claims process runs smoothly.
Conclusion: Coverage Area = Key to Effective Protection
Having cyber insurance is not just a formality — it is a strategic investment to ensure business continuity.
However, an inappropriate policy can render protection useless.
With the assistance of PT. Liberty and General Insurance Broker (L&G Insurance Broker), companies not only receive a comprehensive policy but also a thorough understanding of what is covered and excluded.
L&G helps ensure that every penny of premium paid provides real protection when a cyberattack actually occurs.
💻Want to know if your cyber policy covers all of your company’s digital risks?
Consult for free with PT. Liberty and General Insurance Broker (L&G Insurance Broker) — a trusted partner for cyber risk protection in Indonesia.
HOTLINE L&G 24 JAM: 0811-8507-773 (PHONE – WHATSAPP – SMS)
Website: lngrisk.co.id
Email: halo@lngrisk.co.id
