Cyber Insurance for Charities

Our insurance brokers are experts at advising charities and arranging charity cyber insurance.

Cyber attacks are constantly evolving. According to the 2024 Cyber Security Breaches Survey, 32% of charities reported that they experienced some sort of cyber security breach or attack in the last 12 months, with prevalence being significantly higher amongst charities with incomes above £500k. Charities often hold sensitive information such as donor data, financial records and beneficiaries’ personal information, which makes them attractive targets for cybercriminals. If a cyber attack succeeds, it can be very costly to recover.

Why work with us:

  • Get free independent advice & a no obligation quote over the phone.
  • Assess the suitability of cyber insurance for your charity.
  • Friendly and professional brokers with specialist knowledge of the third sector.
  • Only pay for the cover you need.

Access Insurance Feefo Reviews

Request a quote – it’s simpleStart today 

What does cyber insurance cover?

Cyber insurance exists to cover the costs incurred of responding to a privacy breach or ransom attack, business interruption, cyber extortion, liabilities and legal fees, as well as expenses associated with crisis management.

Typically insurers will include:

  • 24/7 access to incident response teams, including forensic experts, legal advisors, and PR consultants to manage the impact of cyber incidents.
  • Cover for the costs associated with managing a data breach, such as notifying affected individuals, offering credit or identity fraud monitoring services and handling regulatory investigations.
  • Cover the costs of recovering data lost due to viruses, hacking, ransomware or denial of service attacks. This includes repairing or replacing damaged computer equipment.
  • Business interruption cover for loss of income resulting from cyber incidents like extortion or data breaches.
  • Network security and privacy liability to cover liabilities arising from the transmission of harmful malware to third parties or failure to prevent unauthorised access to personal data.
  • Cover for legal costs and regulatory fines associated with breaches of data protection regulations, where insurable by law.

Additional insurer services & benefits

Many of the cyber insurers we work with provide a range of different benefits, for example:

  • Cyber risk portals that provide tools such as security alerts, deep scanning, dark web monitoring and real-time incident reporting.
  • Training guides and resources on topics such as phishing attacks and cyber response planning.
  • Access to legal helplines, consultancy and experts.
  • Some insurers also have their own claims handling team and cybersecurity specialists to support clients during the claims process.

Understanding Cyber Insurance For Charities

It is important for charities to manage common vulnerabilities and ensure they have robust cyber security in place before taking out this cover, as insurers will usually stipulate conditions that must be met before the policy is offered.

You can download our complete guide to ‘Understanding Cyber Insurance For Charities‘ to get a clearer idea what these policies cover and some common challenges and cyber liabilities charities have.

See what our clients say

Join hundreds protected with cyber insurance for charities

Get a quote

Your questions answered.

Unlike other covers, cyber insurance is not mandatory, however, charities may be advised to take out cyber insurance if they often handle sensitive data about donors, beneficiaries, and volunteers; if they have remote or online services or if they have experienced successful or unsuccessful cyber attacks. Speak with a charity insurance specialist who can help you assess whether your organisation would benefit from a cyber insurance policy.

Cyber Essentials is a UK government-backed scheme designed to help organisations protect themselves against common cyber attacks. It provides a set of basic technical controls that organisations can implement to improve their cyber security, which include areas such as firewalls, user access control and malware protection. The certification is not mandatory it can demonstrate good data protection, protect against common attacks, reduce premiums from some cyber insurers and meet requirements for potential funders or contracts.

Cyber insurance generally does not cover physical damage to hardware, upgrades or improvements to systems, long-term financial losses such as reduced market share, pre-existing conditions or undisclosed breaches, and acts of war or attacks by nation-states. Additionally, it excludes illegal activities by the insured, failure to maintain adequate security standards, certain fines and penalties (like PCI fines), intentional acts by employees, intellectual property infringement, and bodily injury or property damage. It’s important to get advice from your broker or carefully review policy terms, as exclusions can vary between insurers and specific policies.

The cost of a cyber insurance policy for charities often depends on the type and volume of data handled by the charity, the charity’s size and the current cyber risk management.

According to the 2024 Cyber Security Breaches Survey, the most common type of breach or attack reported by charities was phishing, experienced by 83% of those affected. Other common types of attacks included impersonation (37% of affected charities) as well as viruses or other malware (14% of affected charities). Read our guide to see how some of these can be mitigated.