Pillsbury's tips for reviewing cyber insurance policies—what to look for, ask for and include before you buy.

  1. Make sure your policy limits and sublimits are adequate
  2. Request "retroactive" coverage for prior, unknown breaches
  3. Watch out for "panel" and "prior consent" provisions that purport to tie your hands in responding to a breach
  4. Get coverage for claims resulting from your data vendors' errors and omissions, not just your own
  5. If you handle data for others, make sure your liability to them is covered too
  6. Seek coverage for "loss" of data, not just data theft
  7. Dovetail your cyber insurance with data vendor indemnities to maximize both
  8. Harmonize cyber coverage with your other insurance
  9. Get a subrogation waiver from your cyber insurer
  10. Negotiate favorable defense provisions