Skip to Content

Sales Narratives

Feel free to adapt, cut and paste any of this copy into your own marketing communications

CyberEdge Video Summary

AIG’s CyberEdge covers one of the most volatile risks facing businesses today. Here are 8 reasons to recommend it to your clients:

1. At the first suspicion of a cyber breach, our 24/7 First Response service delivers immediate expert IT and legal support to assess and contain the incident with no policy retention for the first 48 or 72 hours.

2. The Event management module covers a host of professional cyber services and costs to get the business back on track after an attack no matter how long it takes.

3. CyberEdge covers your clients’ cyber liabilities to others, defence costs and insurable fines anywhere in the world – especially important in the wake of the GDPR.

4. Cyber extortion is one of the fastest growing subsets of cyber-crime, and CyberEdge covers specialist extortion advisors to guide and steer clients from first contact right through to necessary ransom payments.

5. Our major upgrade to cyber business interruption cover now includes, after the waiting period is triggered, NBI losses from the moment the cyber event occurred. You can even cover clients’ BI losses from systems failures at their OSPs.

6. A host of cyber loss prevention services includes a free report on clients’ cyber posture just by completing our new smart proposal form, and up to £10,000 worth of cyber services for policies over £5,000 premium.

7. CyberEdge’s modular structure with standard essential coverages and a range of cover extensions means you can calibrate your clients’ cyber protection around their specific operational requirements.

8. All of this is underpinned by our exceptional cyber claims expertise. As an industry leading cyber insurer we handle thousands of claims, we now the trends so your clients are in safe experienced hands whenever and wherever they face a cyber loss.

CyberEdge is designed for businesses of all shapes and sizes across industry sectors, from SMEs to global multinationals.  To find out more, explore the rest of this app.

CyberEdge Sales Themes


CyberEdge recognises the extreme importance of an early, expert and effective response to a cyber event.  It delivers exactly that as quickly as possible for the initial 48 or 72 hours, with no policy retention or erosion of policy limits.

A rapid response. Our expert Legal and IT first respondents are contracted directly by AIG for the first 48 or 72 hours.  There are no time consuming pre-approvals during this period so they can get straight to work without delay, often over holidays and weekends, to assess the threat and protect the business as quickly as possible.

No proof? A cyber event doesn’t have to be confirmed to get the benefit of First Response.  Even if your clients  just suspect they may have been breached, our rapid, expert team of Legal and IT Forensic respondents is standing by to assist any time of the night or day, 365 days a year.

Too big to benefit? We know from experience of handling cyber claims that even large businesses with their own Security Operations Centers (SOCs) have benefitted from First Response.   Often the SOC can advise the business what has happened after a cyber breach, but may not have the expertise to effectively address it.

No retention! CyberEdge First Response is provided for either 48 or 72 hours.  The costs are taken care of directly by AIG with the relevant respondents without any policy retention and no erosion of the client’s CyberEdge policy limits,

Order from chaos. The impact of a cyber event can be traumatic. Internal tensions can run high and pressures from stakeholders can be intense especially when systems are unavailable endangering revenue.  In this crisis environment First Response establishes a clear legal and IT framework for business protection and recovery.


Our independent expertise legal and forensic IT specialists have assisted clients with numerous cyber incidents, Cyberedge  is on call to deliver this expertise to your clients 24/7.

Legal. An essential aspect of a cyber breach, especially given the GDPR, is for businesses to understand and discharge their responsibilities around reporting the incident to regulators and notifying individuals potentially impacted.  CyberEdge covers the costs of specialist legal support to guide clients through these requirements.

Forensic IT. CyberEdge covers the costs of expert forensic IT services to investigate and assess: how the third party attacker entered the system, what they did while they were there, whether they are still in the system, what data has been infiltrated, and what needs to be done to contain the incident and prevent reoccurrence.

Data restoration. A key concern for many businesses after a cyber-attack is restoring the data and getting their systems back online.  CyberEdge covers the costs of data recovery and reinstalling software which can be done by either our specialist IT advisors or the Insured’s own IT providers.

Notifications. The numbers of customers to communicate with will depend on the data breached, and could potentially be very large.  Communication to customers has to be made without “undue delay”.  CyberEdge pays for the necessary costs of doing this (for instance setting up mass mail programmes or call centres).

Managing communication. The Insured is also entitled to PR and communications advice, such as professional “behind the scenes” advice and guidance around managing communications with customers and potential customers, preparing on and offline statements for stakeholders etc.

As long as it takes. With CyberEdge, there’s now no time limit on how long we’ll pay event management costs to get the incident under control. CyberEdge clients get the benefit of expert cyber services (including  Legal, IT, PR, Data Restoration and Breach Notification costs) until the incident is resolved – no matter how long it takes.


CyberEdge delivers expert legal help navigating the regulatory landscape (in the spotlight after the GDPR) and covers liabilities to other people resulting from a cyber breach.

GDPR summary. The GDPR sets standards for organisations holding peoples’ personal information (eg names, emails, photos).  The standards include that data held has to be: limited to what’s necessary, accurate, accessible, removable if people so wish and secure. Data breaches have to be notified to the data regulator and affected people within 72 hours and maximum fines for non-compliance are €20million, or 4% of turnover.

GDPR cover.  CyberEdge covers insurable GDPR fines, the costs of expert legal guidance around regulatory notifications after a breach and the necessary legal defence and representation costs (e.g. should there be an investigation).

Third party claims. People can claim against organisations for financial loss and distress if they feel their personal data has been misused or not taken care of.  Cyberedge Security and Privacy Liability covers defence costs and damages for such claims. (Looking ahead any trend towards class action claims that we’ve seen in the US for large security breaches, would generate very high costs, also covered.)


As one of the more increasingly prevalent cyber threats facing businesses, CyberEdge covers an extensive range of specialist services to combat the use of ransomware for cyber extortion.

Indiscriminate attacks. Indiscriminate ransomware attacks threaten businesses of all sizes and sectors. Typically, malware may be introduced into a business by a phishing attack leading an employee to click on an affected link resulting in the automatic encryption of files which are rendered inaccessible. The encryption key is offered in exchange for a payment.

Targeted ransomware. At the other end of the extortion spectrum, our cyber claims teams are seeing more targeted attacks.  Often mounted against larger hand-picked organisations, we have seen instances where large chunks of the businesses’ server have been encrypted followed by large 5 and even 6 figure ransom demands.

Post ransom issues. Even after a ransom is paid to decrypt files, the cost and the disruption caused by the attack is still not over.    A painstaking forensic process is necessary to double check that the decryption will work, affected data needs to be isolated to prevent reinfection and files need to be cleaned before everything is reinstalled.


CyberEdge Network Interruption includes major improvements to get clients’ businesses back on track after a cyber loss.

What’s covered. Network Interruption covers loss of income, mitigation expenses and forensic accountant’ costs to quantify the loss when business operations are interrupted by selected events: cyber-security breach, system failure and voluntary shutdown to contain a cyber incident.

Outsourced Service Providers. Cyber Network Interruption can also be extended to cover losses from security breaches or system failures at clients’ Outsourced Service Providers such as cloud providers, web hosting providers or payment processors.

Hour zero cover. Once cover is triggered after the waiting period has elapsed and subject to the deductible, CyberEdge Network Interruption covers losses from the moment the cyber event occurs. This makes it as easy as possible to calculate the direct impact of a cyber event on the clients’ revenue and profit.

Best-of-both-worlds. Different geographies may have different methods of assessing interruption losses. To ensure clients get the best settlement for their business wherever they are, we can calculate the loss on a Gross Profit or on a Net Profit basis - whichever is the most appropriate for the client.


Our smart cyber proposal form adapts to the clients’ business and cyber exposures as it’s completed, it then generates an immediate analysis of the client’s cyber posture with a more detailed analysis if they bind a CyberEdge policy.

Immediate summary. If a client provides an email address they will receive a summary report based on their application responses.  This includes their score summary, baseline risk trending, top cyber risk scenarios, cyber risk reducing controls, and more.  See the movie below for sample content.

Detailed analysis. Upon binding coverage, the client will be emailed a more detailed analysis of the their cyber maturity, including additional risk scores, prioritized practices for improvement, scenario likelihoods, control effectiveness details, and more. See the movie below for sample content.

Cyber Smart Application movie

AIG is uniquely positioned to provide actionable insights for organisations looking to benchmark their cyber maturity and quantify their cyber exposures.  Our dynamic and interactive application in pdf format allows clients to answer tailored questions relevant to their industry, size, exposure and coverage sought.  Completing and emailing our smart application form allows AIG to input the right data inti our advanced underwriting model to score and quantify a client’s cyber risk.  There are three key advantages for clients.  One, question sets are tailored to their organisation, its risks and the coverage sought.  And the smart application form can be shared across an organisation to make answering questions straightforward.  Two it provides transparency and a clearer view of how we underwrite a risk.  Three. There are two client reports to help clients better prepare to face their cyber risks:  On submission clients receive a summary of their cyber posture – including their ability to protect their data and threat likelihoods. Then if they purchase or renew cover they receive a detailed report including the probabilities and financial impacts of cyber events on their business and analyses of their cyber risk controls.  


AIG Cyber clients with premiums over £5,000 are entitled to a range of loss prevention tools adding valuable layers to their lines of cyber defence.

£10,000 value. Complimentary tools and services worth up to £10,000 are included with each CyberEdge policy for eligible clients to provide knowledge, training, security, and consultative solutions. These services include:

Elearning and phishing. Cybersecurity simulations for employees available in 11 languages.  These measurable training programmes are designed to reinforce employee understanding and implementation of clients’ security policies.

Blocking and protection. Blacklist IP Blocking and Domain Protection, reduces an organisation’s attack surface by up to 90% ahead of the firewall by leveraging vast threat intelligence repositories, geo-blocking and black-list automation.

Vulnerability scanning. Clients select up to 250 of their IP addresses for expert analysis for critical vulnerabilities that are open to criminal exploitation, with a follow up scan 90 days later to verify remediation efforts.

Cyber orientation. One-on-one session with AIG Cyber Risk Consulting to address client’s questions about their cyber risk posture and to introduce AIG and vendor services to improve their cyber risk.

Endpoint detection.  Clients can implement an advanced threat detection capability across their environment, coupled with an incident response retainer, for on-demand access to aid in protecting and responding to cyber events.

Security ratings. Using an easy A-F grading system, clients are scored from an “outside-looking-in” perspective of their overall cybersecurity in ten key risk categories .

Portfolio diagnostic.  Experts review the client’s entire property and casualty portfolio to determine how it is anticipated to respond to the spectrum of cyber predicated financial and tangible losses.

Network security scoring.  Using an easy A-F grading system, clients are scored from an “outside-looking-in” perspective of their overall cybersecurity in ten key risk categories.


CyberEdge’s standard essential coverages and a range of extensions mean you can calibrate your clients’ cyber protection around their specific operational requirements.

First response and event management.  Covers a wide range of services to get the business back on track after a cyber event including Legal, IT, PR, Data Restoration and Breach Notification costs. Underpinned by 24/7 First Response with immediate legal and IT support after a cyber breach – with no policy retention for the first 48 or 72 hours.

Security & privacy liability. Third-party liability cover from breaches of confidential info, security failure, failure to notify the regulator and breaches of PCI compliance. Includes defence costs and insurable fines in relation to any regulator of Data Protection legislation worldwide.

Cyber extortion.  Covers an extensive range of specialist services to combat the use of ransomware for cyber extortion. From conducting investigations to validate a threat, to containment and negotiations to end an extortion event through to ransom payments.

Network interruption. Covers loss of income, mitigation expenses and costs to quantify the loss when operations are interrupted by selected events: cyber-security breach, system failure and voluntary shutdown. Can be extended to cover losses from security breaches or system failures at OSPs.

Electronic data incident. Covers accidental damage or destruction of a company’s computer system (including  for instance power surges, natural disasters, overheating, physical vandalism).

Digital media. Covers damages and defence costs for breaches of third party intellectual property, or negligence in connection with electronic content.

Telephone hacking. Covers charges from unauthorised access and use of a business’s telephone system, regardless of whether initiated on or off their premises.

Computer crime.  Covers direct financial loss from fraudulent electronic fund transfers from the client’s account arising from a cybersecurity breach.

Goodwill coupon. Covers costs of offering customers a Goodwill Coupon if confidential information has been breached or if individuals have been unable to access a service due to disruption.

Criminal reward fund.   Covers costs of a reward fund for information leading to the arrest and conviction of individuals (including staff, hackers etc) committing illegal acts relating to cover provided under a CyberEdge policy.


As a world leading cyber insurer AIG has handled thousands of cyber claims.  In such a fluid and volatile environment we have clear view of the emerging trends facing businesses, and regularly publish our findings to inform brokers and businesses. (See “Resources” section.)

Target Market

The potential market for CyberEdge is large because any company that relies on technology and stores, manipulates, or transmits data is at risk of a cyber event.

The potential market for CyberEdge is large because any company that relies on technology and stores, manipulates, or transmits data is at risk of a cyber event.

Manufacturing. Manufacturing and production facilities require integrated, reliable operations systems to ensure their production is timely and effective.

Retail. Retailers hold a wealth of client information including credit and debit card numbers. Clients who typically use the same password and save login details across several accounts are also placed at greater risk for fraud.

Energy. Possible vulnerabilities in industrial control systems and ever greater intersections between operational technology and information technology suggest a significantly heightened exposure.

Healthcare. The rise of electronic health records, other digital health platforms, and connected devices have made healthcare more vulnerable to security breaches.

Banking/Finance. Financial institutions have long been high on the radar of hackers given the sensitive data at stake. Malware, non-approved devices, and third-party business applications all pose unique challenges to banks and other financial companies.

Cover at a glance

With thirteen cover modules and one endorsement, CyberEdge’s new modular wording offers clients a tailored solution for the unique risks they face. Cover Modules:

First Response. 24/7 access to a cyber-response team during a security breach or denial of service attack.

Event Management. Covers costs to retain legal, IT forensics and public relations services to assist in managing and mitigating a covered privacy or network security incident.

Security and Privacy Liability. Responds to third party liability for claims arising from a failure of the insured’s network security.

Cyber Extortion. Costs of investigations to determine the cause of the extortion threat and to settle the extortion demand.

Network Interruption. Network Interruption responds to an insured’s loss of income and operating expenses when business operations are interrupted or suspended due to a failure of network security.

Network Interruption OSP. Network interruption losses and mitigation costs resulting from an Outsourced Service Provider.

Network Interruption System Failure. Network interruption losses resulting from an internal system failure not necessarily arising from a cyber-security breach.

Electronic Data Incident. Expands the data restoration coverage under the Event Management section to include a wide number of electronic data incidents.

Digital Media. Damages and defence costs incurred in connection with a breach of third party intellectual property, or negligence in connection with electronic content.

Computer Crime. Covers direct financial loss from fraudulent electronic fund transfers from an account maintained at a financial institution arising from a cybersecurity breach.

Criminal Reward Fund. A reward fund for information that leads to the arrest and conviction of individual committing or trying to commit a cyber-attack or extortion against the insured.

Telephone Hacking. Covers call charges resulting from unauthorised access to a telephone system.

CyberEdge claims scenarios

We have 20 years’ experience of handling cyber claims. Here are just a few examples based on actual events to illustrate the CyberEdge response. See the Resources section for more details.

Network Interruption. Ransomware encrypted 3 of the client’s servers and its folders.  The hacker also deleted the back-ups and demanded a ransom to decrypt the system. The client could not deliver shipments, receive materials, make payments or collect receivables.  After 10 days the client paid a BitCoin ransom of €25,000 to restore operations. AIG covered the costs of: the ransom, incident response and the extensive network interruption including increased cost of working and cancelled orders.

Email compromise. A client’s customers received a suspicious email with a PDF invoice from an employee.  In fact the email account had been compromised and the phishing email sent to thousands of addresses. The client proactively warned all contacts of the compromised account to avoid the PDF and changed employee passwords. CyberEdge legal respondents, after consideration of the client’s activities including selling cyber insurance products and reputational considerations, also recommended early ICO notification.

Breached Network. Hackers accessed the clients’ network compromising thousands of devices.   Local regulations prevented the clients’ data from being handled abroad and AIG sourced a local IT forensics team to investigate on-site.  Identification of the compromised devices and network traffic analysis showed how the hackers had gained access to user accounts and the scale of the penetration including confidential tender details and financials.  Analysis was still ongoing over 6 months later with costs running at over $300,000.

Targeted attack. A targeted cyber-attack encrypted all of a large retailer’s files including those on the cloud.  AIG quickly appointed forensic IT to work onsite, non-stop, to secure the system and try to retrieve unencrypted data.  No stock replenishment or online order processing was possible and eventually the client decided to pay the BitCoin ransom which AIG helped source.  Cyberedge covered the costs of manually decrypting each individual file, IT fees and interruption losses until they exceeded the £1m policy limit.

An employee steals the personal information of millions of customers. CyberEdge response: CyberEdge covers the costs of IT forensic experts to establish what data was stolen from who and the costs of notifying the individuals whose data had been stolen.  It also paid for credit monitoring to make sure the individuals suffered no ongoing losses after the data theft.  It then covered the costs of a legal breach coach to prepare the business for investigation and the costs of representing and defending the business in the ensuing legal action that was brought against them.

An unknown credit card processor puts a department store’s 35,000 cardholders at risk. CyberEdge response: Calling on its strong supplier relationship network, AIG worked with the insured to retain a top professional to provide notification, replacement credit cards and credit-monitoring services. AIG reimbursed the insured approximately $200,000. AIG is providing legal counsel and closely collaborating with the retailer to explore its right to reimbursement from the credit card company and third-party processor.

A college accidentally sends 80 emails including names and grades of all its students. CyberEdge response: Working together AIG and the college were able to retrieve 55 of the emails before they were opened.  AIG worked closely with the school’s dean and helped provide notification to the impacted students and retained a supplier to provide credit monitoring.

3 million passwords are hacked from an online service provider and leaked posted online. CyberEdge response: AIG’s claims team and breach coach worked closely with the insured in resetting the passwords of the individuals and recommended a number of security procedures for users such as changing passwords every few months.  AIG collaborated with the client to email the 3 million impacted customers to advise them of the breach and to provide them with the necessary information on how to contact the insured’s customer care team.