Skip to main content
Marsh logo

Cyber & Data Security Insurance for Law Firms

Cyber incidents can harm your law firm's operations, reputation, and financial stability. Designed by Marsh in partnership with reputable underwriters, Marsh’s Cyber & Data Security Insurance complements your cyber coverage under your PII policy to safeguard your firm against a wide array of cyber losses, including the recovery costs needed in the event and aftermath of a cyber incident.

Get a quote Contact us

Enhanced

An essential add-on coverage to the Professional Indemnity Insurance (PII) that protects your legal practices from cyber extortion, computer forensics costs, public relations costs etc. 

Simplified

No lengthy form-filling process as your information is already in the PII system.

Supportive

A 24/7 incident response team is ready to assist when a cyber incident occurs.

Why Marsh’s Cyber and Data Security Insurance is essential for law firms in Malaysia

In Malaysia, cybercrimes caused about RM600 million in losses in 2022,1 with 76% of businesses reportedly experiencing a cyber incident — more than any other country in the Asia-Pacific region — with 61% of incidents resulting in business interruption and 57% resulting in data loss.2

The hard truth is that law firms are targeted by cyber criminals as they possess clients’ sensitive data and proprietary information. Even though nearly 3 in 4 businesses in Malaysia purchase cybersecurity tools,3 cyber incidents that result in financial and reputational losses continue to occur. Aside from cyberattacks, losses and data breaches also commonly arise from human error or system failure, which means your legal practice may be more vulnerable than you think.

Marsh’s Cyber & Data Security Insurance complements your existing Cyber Liability component under your current mandatory Professional Indemnity Insurance (PII) scheme, enhancing your protection with cyber & data security risks not covered under the firm's PII, including losses from cyber extortion and public relations costs. 

These are the essential coverages that Marsh’s Cyber & Data Security Insurance adds to your existing mandatory PII coverage:

  • Cyber extortion

Covers the expenses arising from a cyber extortion threat.

  • Forensics costs

Covers the payment for a forensics consultant to identify the hacker and the source of the attack, and payment for a security specialist to assess the electronic security and temporary storage of the insured’s electronic data.

  • Business interruption

Reimburses the loss of business income as a result of the cyber incident causing interruption, degradation in service, or failure of the insured’s computer systems.

  • Data breach notification costs

Covers expenses incurred or obligated following a breach of data held by the insured, notification of customers, legal fees and costs associated with administering the notification process.

  • Information and communication asset rectification costs

Covers repair and restoration of the insured’s computer systems arising from damage, destruction, alternation, corruption, or misuse from the cyberattack.

  • Regulatory defence and penalty costs

Covers payment related to regulatory action, penalty, or fine (when insurable by law).

  • Public relations costs

Covers payment incurred to engage a public relations and crisis management consultant to avert or mitigate any damage to the insured’s brand and operations.

  • Credit monitoring costs

Covers payment incurred for a credit monitoring service in compliance with data breach law.

The coverage and annual premium can be tailored to your law firm’s size, needs and budget, with the Limit of Indemnity (i.e. limit for any one claim and in the aggregate) ranging from RM50,000 to RM1 million. Each policy carries a deductible that is applicable for each and every claim.

Marsh’s Cyber & Data Security Insurance: The preferred option

Compared to other cyber insurance policies, Marsh’s Cyber & Data Security Insurance is easy-to-apply as the same information provided under the mandatory PII scheme is used — reducing the application time significantly (as opposed to the usual three to six months) as no additional form-filling is required.

We also recognise the importance of continuing to promptly attend to your clients and cases even when a cybersecurity incident occurs, hence we provide 24/7 access to our incident response team as part of your coverage to help you respond to your clients and the Courts with minimal delay — reducing your overall downtime.

Why Marsh

As Malaysian Bar’s appointed insurance broker for your mandatory PII scheme with 21,000 professional lawyers insured in Malaysia, Marsh is fully committed to ensuring your peace of mind. For PII policyholders, application for the Cyber & Data Security Insurance policy is fast and fuss-free, with the option of a free risk assessment to analyse your law firm's cybersecurity posture and expert recommendations to improve your cyber resilience.

1New Straits Times. (14 January 2023). Almost RM600 million lost to cyber crime in 2022.

2Kroll. (2022). The Cyber Threat Landscape in Malaysia.

3Kroll. (2022). The Cyber Threat Landscape in Malaysia.

Ready to be cyber secure?

Contact us now for a non-obligatory consultation.

Contact us

FAQs

Marsh’s mandatory PII policy provides third-party liability cover for claims arising from the provision of your legal practice. This does not cover first-party losses such as cyber extortion, IT forensics, data recovery, business interruption and public relations costs, which can be covered by Marsh’s Cyber & Data Security Insurance policy.

Cyberattacks are usually carried out on a blanket basis (versus a targeted basis), so businesses of all sizes might be impacted. Smaller law firms may be more vulnerable because they typically lack substantial preventive measures.

No. The cost incurred by your internal IT cannot be claimed under this cyber policy. 

The policy requires you to use the underwriter’s preferred forensics IT team in the event of an incident.

Yes. However, this will have to be indicated on the Proposal Form. 

Our people

Johan Shahar

Johan Shahar

Vice President, FINPRO - Malaysian Bar PII Scheme

Email