The Ultimate Glossary

Insurance comes with its own language. This glossary gives simple definitions for terms specific to professional and management liability. No insurance jargon here, just plain English that we can all wrap our heads around.

Insurance Glossary


An agency (noun) is an entity authorized to sell and service insurance contracts on behalf of one or more insurance companies in exchange for compensation.

See: agent, managing general agent


An agent is someone who is authorized to solicit, negotiate or effect contracts on behalf of another, i.e., an insurance agent sells and services policies on behalf of an insurance company. The agent’s authority and obligations are subject to the terms of the agency contract. The agent may represent multiple insurers as an independent agent or just one as a direct writer, that is, a commissioned employee of that insurer.

See: agency

Aggregate Limit

Aggregate Limit in an insurance policy refers to the maximum amount that the insurer will pay to the insured for all covered losses under the policy. You can think of an aggregate limit as a ceiling: once the ceiling is reached, the insurance company will stop paying. The ceiling may be reached in one or more claims.
See also Limit, Shrinking limits, Sublimit.

All Risks

All Risks refers to a type of insurance policy that covers loss from any cause as long as it is not explicitly stated as excluded in the policy wordings – in contrast to a ‘Named Perils’ policy.


Arbitration is a mechanism for resolving a dispute outside the court system in which, with the agreement of the parties, an impartial arbitrator hears evidence and hands down an enforceable decision.

Artificial Intelligence

Artificial Intelligence (AI) is the science focused on developing computer systems capable of performing tasks that normally require human intelligence such as speech recognition and decision making.
See also: deepfake, machine learning.

Balance Sheet

The Balance Sheet shows a company’s Assets, Liabilities and Shareholders’ Equity as of a particular date. In other words, it shows what the company owns, owes, and is worth, at a particular point in time. Also known as the Statement of Financial Position.

See also: cash flow statement, income statement, retained earnings

Betterment Clause

The betterment clause in an insurance policy clarifies the intent of the insurance to make the insured party whole again, that is, to return them to the original state and not to pay for improvements beyond the original state.


A binder is a document that functions as temporary proof of insurance coverage. It is a legal agreement, issued by an insurance company or its agent, that is used to confirm that coverage is in place until the time that the insurance policy is issued.

See: bind, binding authority.

Binding Authority

If an agent has ‘binding authority’, it means that an insurance company has given that agent the authority to commit that insurance company to a new insurance policy without having to obtain prior underwriting approval from the insurance company.

In Lloyd’s market, Lloyd’s coverholders receive binding authority from a managing agent on behalf of a Lloyd’s syndicate. This authorizes them to quote and bind policies on behalf of the managing agent’s syndicate, subject to certain terms and conditions.

See: bind, binder, coverholder, delegated authority.

Black Swan Event

Black Swan Event refers to a highly impactful, rare and unexpected event.


A Blockchain is a digital ledger of transactional records. Encrypted transaction records are compiled into encrypted blocks which are added to the chain which is duplicated and distributed across a network of computers. There is no single point of control and all transactions are visible to all participants.

Learn more under cryptocurrency.


Botnet refers to a set of internet connected devices, such as computers, smart phones and smart devices, that are running automatic software applications. Typically Botnets are infected with Malware to perform a Distributed Denial of Service Attack. They can also be used for their combined processing power to launch other attacks, such as a Credential Stuffing Attack. The word botnet comes from bot meaning robot and net meaning network.

Breach of confidence

Breach of confidence is when a person shares information that they were supposed to keep secret. In order to make a breach of confidence claim, the complainant must prove that the information was confidential and they communicated it as such, and that it’s unauthorized use by the other party caused injury to the complainant.

Bring Your Own Device (BYOD)

Bring Your Own Device (BYOD) refers to the trend towards employees using their own devices at work and for work and on their employer-owned network. To combat the resulting increase in cyber risk, employers need to put BYOD security policies in place and educate employees on their role in cyber security. See multi-factor authentication, virtual private network.

Broker / Insurance Broker

An insurance broker is a licensed insurance professional who searches the market on behalf of their client the insurance buyer and arranges the insurance purchase. The broker is remunerated by the insurer and is not party to the insurance contract.

Brute Force Attack / Brute Force Hacking

Brute Force Hacking is when an attacker tries to guess passwords or usernames by trying different words or combinations of words. Brute force attacks are run systematically checking potential passwords or phrases until the right one is guessed. It’s an attack by trial and error! A commonly used tool is a dictionary. The attacker will try to guess words combined with a special character or number, until they guess correctly. When passwords are weak, the attacker can be successful in seconds. More complex or longer passwords may take months or even years to crack. See credential stuffing.

Business Email Compromise (BEC)

Business Email Compromise (BEC) refers to an email scam targeting companies that send wire transfers to suppliers. BEC criminals use phishing, spear phishing and social engineering to trick employees into assisting with fraudulent wire transfers.
See more under Phishing, Spear Phishing and Social Engineering Fraud.

Business Interruption

Business Interruption refers to the insured’s loss of income as a result of an interruption in operations due to property damage to the insured’s business.
See more under contingent or dependent business interruption.

Business Interruption Insurance

Business Interruption Insurance refers to insurance that covers the insured’s loss of income as a result of an interruption in operations due to direct property damage to the insured’s business.

See also: business interruption and restoration period.


‘Carrier’ in insurance, refers to the insurance company or the reinsurance company that provides the insurance. The carrier ‘carries’ the risk for a policyholder.

Related terms: insurance, reinsurance

Carve Back

Carve Back refers to an exception to an insurance policy exclusion. Because it makes the exclusion not apply in specific situations, a carve back benefits the insured. For example, an exception to the insured vs. insured exclusion in a D&O Liability insurance policy to allow for derivative demands.

Cash Flow Statement

The Cash Flow Statement shows the money that has flowed in and out of the company over a set period of time and how much cash (or cash like funds such as short term investments) is on hand. Also known as the Statement of Changes in Financial Position.

Related terms: balance sheet, income statement.


Insurance uses the term ‘Claim’ in the following ways:

  1. A claim made against the insured is a written demand such as a lawsuit, a subpoena, a civil or criminal proceeding. What constitutes a claim for a policy is defined within the policy wordings.
  2. A claim reported by the insured to the insurer is a request for reimbursement of a loss under an existing policy. See also: Reservation of Rights, subrogation.

Read an article: What is a claims adjuster?

Claims Handling

Claims handling refers to the process of managing an insurance claim from receipt to resolution – assessment, coverage verification, investigation, settlement.

Claims Made

Claims Made refers to a policy condition under which claims that meet the policy definition of a claim will be considered for coverage if they are made against the insured during the policy period.

Read this article to learn more.
See also Claims Made and Reported and Occurrence Basis.

Claims Made and Reported

Claims Made and Reported refers to a policy condition under which claims that meet the policy definition of claim will be considered for coverage if they are both made against the insured and reported to the insurer within the policy period.

Watch a video.
See also Claims Made and Occurrence Basis.


Clickjacking, also known as a User Interface redress attack, is a scam in which the criminal manipulates a website interface by adding hidden layers to trick a user into clicking on an invisible button or link and in doing so, downloading malware or doing some other unintended action.
See more under Malware.

Cloud Computing

Cloud Computing is when the software and hardware you use are not located on your desktop or your company’s network, but rather, accessed via internet as a service. If you use Hotmail, Yahoo email or Gmail for your personal email, you’ve been using the cloud to send and store emails. Many businesses use cloud computing because it’s a service that is managed by someone else taking the burden off their plate. These services are often provided through a subscription model, “pay as you go”, making service easily scalable.

Common types of cloud computing include:

  • Infrastructure as a Service (IaaS): Access hardware via Internet. An example of this is storage, such as Apple storage on your phone for $1.39 per month.
  • Software as a Service (SaaS): Access software via Internet. An example is Microsoft online, which doesn’t require you to download the program onto your computer. You can now use Microsoft Word over the Internet!
  • Platform as a Service (PaaS): As the name implies, these are platforms that are accessed through the internet. For example, you can have an ecommerce website but the shopping cart, checkout, and payment mechanism are running on a merchant’s server. (Salesforce) and the Google App Engine are examples of PaaS.

See also: Cloud Detection and Response (CDR)

Cloud Detection and Response (CDR)

Cloud Detection and Response (CDR) is security software designed to monitor cloud computing environments to detect and respond to cyber threats/breaches/intrusions.
See also: Cloud Computing, Endpoint Detection and Response (EDR).


An insurance contract in which the insured party and the insurance company share the cost of the claim on a percentage basis, such as for an extortion payment on a cyber insurance policy.

Combined ratio

Combined ratio uses the relationship between the total amount of earned premiums and the total amount of incurred losses and expenses over a given period of time to measure the profitability and financial health of an insurance company. There is an inverse relationship between the combined ratio and the company’s profitability. A combined ratio that is below 100 percent, shows that the company is making profit. 

Combined Ratio = ((Incurred Losses + Expenses) / Earned Premium)*100


Combined Ratio = Underwriting Loss Ratio + Expense Ratio

Read this article to learn more.

Commercial General Liability Insurance

Commercial General Liability Insurance is an insurance policy that protects commercial entities against financial loss arising from claims alleging bodily injury and property damage. CGL is an occurrence-based insurance.

Commercial Property Insurance

Commercial property insurance covers the loss that a commercial organization suffers from damage to, or destruction of, its own tangible property as a result of perils such as fire and flood. Available in All Risks or Named Perils policies.
See more under all risks, named perils.

Conditions Precedent

Conditions precedent refers to those conditions that need to be met in order to trigger insurance policy coverage.

Learn more, read up on occurrence vs claims-made policies.

Consent to Settle

Consent to Settle, also called the ‘Hammer clause’ refers to a policy condition that requires the insurer to seek the insured’s approval prior to reaching a settlement and stipulates the consequences of the insured not consenting to settle.
See Hammer Clause.

Consequential Loss

Consequential Loss is a loss suffered as a consequence of, but not a direct result of, the event i.e., a crime. Also called an indirect loss. An example of consequential loss would be lost income after a fire shuts down a business.
See also: loss.

Contingent or Dependent Business Interruption

Contingent or Dependent Business Interruption refers to the insured’s loss of income as a result of an interruption in service from a third-party service provider. Businesses depend on third-party service providers such as vendors and suppliers to make an income. A simple example of depending on a third party is the credit card processing done by a third party for an online store. If the credit card processor goes down, the business will not be able to collect revenue.
Watch a video on Contingent Business Interruption
See also: Business Interruption Insurance

Continuity Date

Continuity Date or ‘first policy inception date’, is the earliest date of the insured’s continuous insurance coverage. This date can be many years prior to the current policy inception date as long as there has been no gap in coverage, i.e., no time in which the insured was without insurance coverage. See: insurance policy.

Contractual Liability

Contractual Liability refers to a legal obligation assumed under contract.


Cookies are small pieces of data sent by a website that you visit to your web browser (the software that you use to access the World Wide Web). The cookies are stored on your computer. The next time you visit that site it can ‘remember’ you by accessing the original cookie. Cookies help websites remember useful information like when you last visited, items in an online shopping cart, log in details, or previously entered information like name, address, etc. Problems arise when there are system vulnerabilities and hackers can read cookie’s data. Third-party tracking cookies can be used to record your browsing history, which is a privacy concern.


A coverholder is a third-party, such as a broker or managing general agent, that has been given delegated authority to underwrite insurance business on behalf of an insurance company. 

A Lloyd’s coverholder is authorized by a managing agent to effect policies on behalf of that managing agent’s Lloyd’s syndicate. The Lloyd’s coverholder acts as an agent for the managing agent’s syndicate in accordance with their binding authority agreement.

Access Lloyd’s market directory to see a current list of Lloyd’s coverholders.

Credential Stuffing

Credential Stuffing is a type of cyberattack where the attacker takes massive lists of usernames (typically email addresses) and passwords, and then tries to “stuff” them into different websites to gain access. They typically obtain the massive lists of passwords from data breaches. Unlike brute force attacks, attackers are not guessing passwords. They simply automate the process to attempt thousands or millions of logins using different automation tools. Attackers can be very successful using this approach because users often use one password for several logins and rarely change them. See multi-factor authentication.


Cryptocurrency is a digital only currency based on blockchain technology. It has no physical form such as tangible coins or paper bills. You can use it to buy goods and services or as an investment. There are many different kinds of cryptocurrency such as Bitcoin, Ethereum, Lirecoin and Cardano.
See more under Blockchain, Cryptocurrency mining, and Cryptojacking.

Cryptocurrency mining or Cryptomining

Cryptocurrency mining or Cryptomining is the process of validating cryptocurrency transactions and adding them to the blockchain ledger. Due to complex encryption of transactions and blocks, significant computing power is required for the process. Miners earn the block’s coin (cryptocurrency) as payment for their work.
See more under blockchain, cryptocurrency, cryptojacking.


Cryptojacking, also referred to as malicious cryptomining, is the process of using malware to steal computer processing power from victims’ devices for the purpose of cryptomining.
See more under Cryptocurrency mining.

Cyber Extortion

Cyber Extortion is when a hacker holds data, computer systems, applications, or a website hostage until the business pays a ransom demand or is able to remove the intruder. Common threats include the threat to:

  • to damage or destroy data
  • to block access to computer systems or applications
  • to publicly disclose data
  • to introduce malicious code
  • to slow down or interrupt computer systems

Cyber extortion is typically executed in the form of ransomware (a type of malicious software) or a denial of service attack.
See more under Extortion Threat Coverage.

Cyber Insurance

Cyber Insurance is an insurance policy that’s intent is to cover the loss a company experiences due to a privacy or a network security breach. Due to cyber being a relatively new coverage,  there is very little consistency in the insurance market as to what is covered by a cyber policy. Coverage, definitions and terminology vary from insurance company to insurance company.  This is one of the challenges of today’s cyber market.
Related terms: cloud computing, drive-by download.

Watch a video explanation

Learn more: take the course!

Data Corruption

Data Corruption refers to electronic information that becomes unreadable, unusable or inoperable. This can be caused by human error; however it can also be caused by malware. Data restoration may be covered by a cyber policy depending on what caused the data corruption. Some policies even cover data re-creation. Data restoration and data re-creation are not the same thing.

Data Re-creation

Data re-creation refers to the recreation of electronic data from non-electronic sources following a cyber incident. Details of the definition vary by policy so it’s important to review wordings carefully to determine what is or is not covered. Not to be confused with data recovery.

See: data corruption.

Data Recovery

Data recovery refers to the recovery of electronic data from electronic sources following a cyber incident. Details of the definition vary by policy so it’s important to review wordings carefully to determine what is or is not covered. Not to be confused with data re-creation.


Decryption is the process of transforming encrypted data back into its original unencrypted form. This is done by using the specific password or key that was originally used to encrypt the data.

See: Encryption.


A deductible is the amount that the insurer deducts from the total loss amount before paying out a claim to the insured. See Retention.

Deep Linking

Deep Linking refers to the use of a hyperlink on one website to link to specific content on another site, rather than to that site’s homepage, but rather a page like this one. There have been lawsuits involving complaints about improper deep linking to content that is copyrighted, again such as this page! This is what is referred to as improper deep linking.


Deepfake refers to artificial intelligence (AI) generated synthetic media – super realistic videos, images or recordings of people doing or saying things they actually didn’t. Deepfake media is created by mapping the likeness of one person (i.e., a celebrity) onto that of another. It is often used maliciously.
See more under Artificial Intelligence.


Defamation is the act of communicating false statements that damage someone’s reputation.
See more under Libel and Slander.

Delegated Authority

Delegated authority is an insurance industry term that refers to the outsourcing of certain functions. Specifically, it refers to a contractual arrangement under which one party authorizes another party to act on their behalf. For example, an insurance company may delegate underwriting or claims handling to another party.  These two parties have a ‘delegated authority relationship.’

Related term: binding authority, coverholder, managing general agent 

Denial of Service Attack (DoS)

A Denial of Service Attack is a type of attack against a computer system or website.  It usually involves flooding the site with traffic or attacking a specific vulnerability resulting in a slowed or unavailable system or resource or restricted access. Not all Denial of Service Attacks are malignant. Cyber insurance policies may or may not cover a denial of service attack, and if coverage is granted, the definition of what constitutes a denial of service attack varies.
Also read about: Distributed Denial of Service attack.

Derivative Demand

A Derivative Demand refers to a demand made by one or more members or shareholders to bring a lawsuit or other action against the management or board on behalf of the organization alleging a wrongful act resulting in damage to the organization.

Read more here.

Discovery Basis

Discovery Basis is a policy condition under which claims that meet the policy definition of a claim, will only be considered for coverage if the incident that gives rise to the claim is discovered while the policy is in effect, regardless of when the incident actually occurred. This is in direct contrast to a policy that is written on an occurrence basis. First-party loss on a cyber insurance policy is written on either an occurrence or a discovery basis.

Discovery Period

Discovery Period is a time period following policy expiry during which the insured may discover and report claim loss it incurred during the policy period. A discovery period is a feature of a claims-made policy and is commonly 30 or 60 days in length.

See: extended reporting period

Distributed Denial of Service Attack (DDoS)

A Distributed Denial of Service Attack is like a DoS attack on steroids! The difference is that the incoming traffic flooding the target originates from multiple sources, not just one. A successful Distributed Denial of Service attack can cripple an organization for an extended period of time and, due to its complexity is far more complex to resolve than a Denial of Service Attack. See botnet, credential stuffing attack.

Double Extortion Ransomware

Double extortion ransomware is a type of ransomware attack in which the attackers not only encrypt data, they also threaten to leak the data publicly if the ransom is not paid. The intent is to add an extra incentive for victims to pay the ransom – especially those victims who may otherwise elect not to pay because they have backup files.
See also: Cyber Extortion, Ransomware, Triple Extortion Ransomware.

Drive-by Download

Drive-by Download refers to the unintended downloading software from the Internet. It could mean clicking on a link, then authorizing the download without understanding what was really downloaded to your computer. It could also mean unknowingly downloading a virus or spyware. Drive-by Downloads can occur though emails and when visiting websites, clicking unknown links including pop-up windows. The risk is that the malicious content downloaded then exploits vulnerabilities in the victim’s computer system and be able to run code without the victim’s knowledge.

Duty of Loyalty

Duty of Loyalty is a legal duty of directors and officers requiring that they act honestly and in good faith in the best interest of the organization ensuring no conflict of interest between corporate obligation and personal issues. Also called Fiduciary Duty.

Duty to Defend

Duty to Defend is the obligation to provide a legal defence against a claim made against the insured once the claim has been reported to the insurer.

Click here to learn more

Duty to Manage

Duty to Manage refers to the legal obligation of Directors and Officers to manage, or supervise the management of the business and affairs of the organization.
See more under Fiduciary Duty and Duty of Care.

Duty to Obey

Duty to Obey refers to the legal obligation of Directors and Officers of not-for-profit organizations to follow the relevant laws, regulations, the bylaws of the organization and any unanimous member agreement.

Learn more about this in the course: Not-for-profit Directors and Officers Liability Insurance.

Employee Dishonesty Coverage

Employee Dishonesty Coverage is insurance protection found within a commercial crime insurance policy that:

  • covers losses resulting from dishonest acts by employees;
  • responds when an employee steals money, securities or other property from their employer.

Employee dishonesty coverage is also referred to as ‘Employee Theft Coverage’ or ‘Fidelity Coverage’, depending on the insurance company.

To learn more read: What is Employee Dishonesty Coverage?

Watch a video lesson on that nature of employee crime.

Employment Practice

Employment Practice refers to all actions, processes and procedures related to the work environment starting with the hiring process, through ongoing employment, to termination and even post-employment. External factors have an impact on employment practices. For example, the shift to remote working brings with it numerous employment practice challenges, especially when employees are based in multiple jurisdictions.

See Wrongful Employment PracticeEmployment Practices Liability Insurance (EPLI)

Employment Practices Liability Insurance (EPLI)

Employment Practices Liability Insurance is an insurance policy that protects employers against financial loss arising from claims alleging employment related wrongdoings. Employment Practices Liability Insurance is also known as EPLI. EPLI policies are typically offered as claims made, named peril, insurance contracts. EPLI covers injury-causing employment practices perils such as discrimination, harassment, wrongful dismissal and retaliation. Financial losses can include defence costs, damages or settlement; however the most frequent loss incurred is defence costs. See also Wrongful Employment Practices, Third-party Employment Practices Liability Insurance.

Read more about: Employment Practices Liability Insurance
Learn more: take the course!

Employee Retirement Income Security Act

The Employee Retirement Income Security Act (ERISA), was enacted in the U.S.A. in 1974 to assure that employees participating in private sector pension and benefit plans, and their beneficiaries, receive the benefits that the plans promise to them. This legal act governs how employee benefit and pension plans are managed and also requires that organizations that have USA employee benefit or pension plans purchase an ERISA fidelity bond and provide evidence of cover to the regulator. ERISA is administered and enforced by the U.S. Department of Labor. 

Read an article about ERISA bonds.


Encryption is the act of turning information that you and I can read, into code. The idea is that only the person with the key to decipher (decrypt) the code will be able to read the code. Encryption is used to protect confidential information. Encryption can also be used nefariously, for example, by cyber criminals to block access for files or computer systems in ransomware attacks.

Read an article: What is Ransomware?


End of Life (EOL)

End of Life (EOL) refers to products or software that are no longer supported or under warranty. If there are no updates, fixes or support for the software, it will eventually become a minefield of security weaknesses.  Windows XP and Windows Server 2003 are great examples of EOL products which are now more vulnerable to security threats.

Endpoint Detection and Response (EDR)

Endpoint Detection and Response is a type of security software that monitors end-user devices (endpoints) in real time to detect, analyze and automatically respond to suspicious activity, for example, by blocking malicious activity, isolating affected devices, and providing alerts. Also known as Endpoint Detection and Threat Response (EDTR). Examples of endpoints: mobile phones, desktop and laptop computers, Internet of things devices such as sensors, smart locks, etc.

Related term: Cloud Detection and Response (CDR)

Entity Coverage

Entity Coverage, a.k.a. Side C, refers to the insuring agreement in a Directors and Officers Liability Insurance policy that protects the balance sheet of an insured organization by covering loss resulting from claims brought against the organization (rather than against directors/officers). This coverage may or may not apply to securities claims.
See more under Indemnifiable Loss and Non-indemnifiable Loss.


An ERISA bond (or ERISA fidelity bond) is an risk management instrument that protects the benefit or pension plan for which it is purchased, from loss due to dishonesty or fraud by the plan’s fiduciaries. The Employee Retirement Income Security Act (ERISA) requires that organizations that have USA employee benefit or pension plans purchase an ERISA fidelity bond and provide evidence of cover to the regulator. 

Learn more, read an article about ERISA bonds.


Exclusion is a policy provision that excludes specific items, events, hazards, from coverage by the insurance policy. Reviewing the exclusions section of a policy wording is critical to understanding the extent and limitations of a policy’s coverage.
Related terms: betterment clause, carve back, force majeure.

Exemplary Damages

Exemplary Damages are damages in excess of compensation that are awarded specifically to make an example of the defendant.
See: Punitive Damages

Extended Reporting Period (ERP)

Extended Reporting Period (ERP) is an optional coverage extension for a claims-made policy that gives the insured an additional period of time within which to report claims to the insurer arising from prior wrongful acts. It is also referred to as Tail Coverage or Run off.

Learn more: watch a video
Also see: discover period


Extension is the term used to refer to an insuring agreement purchased to expand the coverage of a policy.

Extortion Threat Coverage

Extortion Threat Coverage provides coverage for ransom demanded by an extortionist who holds applications or data hostage or threatens an attack. Not all cyber policies include this coverage. If coverage is provided, check if the policy will pay a ransom demand in bitcoin or other cryptocurrency.
See more under Cyber Extortion.
See also Coinsurance.

False Light

False Light is an invasion of privacy tort where the plaintive is portrayed publicly in a false or misleading light; the information portrayed is offensive and embarrassing to a reasonable person.


Fidelity is faithfulness to another as shown through loyalty. In insurance the term is used to describe the relationship between employee and employer.

Fidelity Bond

A fidelity bond is a type of insurance bond that guarantees a faithful, loyal relationship with the purpose of protecting an employer or other entity from financial loss resulting from dishonesty and fraud, from criminal acts.

See also: ERISA bond.


A fiduciary is a person who holds the legal or ethical duty to act in the best interest of another (a.k.a. fiduciary duty) such as a financial trustee or legal counsel.

Fiduciary Duty

Fiduciary Duty is a legal duty requiring that one act honestly and in good faith in the best interest of another ensuring there is no conflict of interest between their obligation and personal issues. Also called Duty of Loyalty.
See more under Fiduciary, Duty to Manage and Duty of Care.

Financial Institution Bond

A Financial Institution Bond is a type of crime insurance policy specific to financial institutions.


Firewall refers to a network security system used to monitor and control the exchange of information between computer systems and external networks, including the Internet. The firewall follows a set of predefined security rules to block out viruses and other malicious malware. See hacking.

First Dollar Defence / First Dollar Defense

If a policy includes first dollar defence (FDD) coverage, then the insurance company begins paying defence costs right from the ‘first dollar’; right from the start – rather than the insured party first paying out the retention amount.

For example, the policy wording may state:  “For any Claim, no Retention shall apply to the first $25,000 in Defence Costs incurred as E-Discovery Consultant Services.”

Related term: Shrinking limits

First-Party Cyber Coverage

First-Party Cyber Coverage is found in a Cyber Insurance policy. It covers loss directly incurred by the insured organization due to a privacy or network security breach. Examples of first-party cyber loss that may be covered include: lost income due to business interruption and expenses incurred to mitigate a cyber risk, hire a cyber breach coach or notify affected parties are all.

See more under Cyber Insurance.

Force Majeure

Force Majeure refers to unforeseeable or uncontrollable circumstances (such as war or an extreme weather event) that prevent a contract from being fulfilled. An insurance policy definition of force majeure may or may not be limited to Acts of God. For example, floods, blizzards, earthquakes, hurricanes etc..
Related term: exclusion, insurance policy.


Hacking is the act of using computer or networking skills to solve a technical problem;  the act of identifying and exploiting security weaknesses to gain unauthorized access to a computer, computer system or other digital device. 

See brute force hacking, firewall, zero-day vulnerability.

Hammer Clause

Hammer Clause, also called ‘Consent to settle’ stipulates the conditions through which a claim settlement can be reached and the consequences of the insured not consenting to settle.
See Consent to Settle.

Watch a video that shows how the Hammer clause works.

Income Statement

The Income Statement shows a company’s revenue and expenses over a specific period of time and whether or not the company has made a profit or incurred a loss. Also referred to as the Profit and Loss Statement or P&L.

Related terms: balance sheet, cash flow statement.

Indemnifiable Loss

Indemnifiable loss, a.k.a. Side B, refers to the insuring agreement in a Directors and Officers Liability Insurance policy that protects the balance sheet of the organization by reimbursing the organization for those defence and damages costs of directors and officers which the organization indemnifies.
See more under Indemnification, Non-indemnifiable loss and Entity Coverage

Indemnification Agreement

An indemnification or indemnity agreement is a formal legal agreement, usually part of the employment or appointment agreement, between an individual director and the corporation. It states that if something goes wrong, and the director has done their best, the corporation will reimburse, to the director, the defence costs and the damages incurred. An indemnity agreement can be enforced in a court of law. 

Related terms: indemnification, indemnifiable loss.
Learn more, read an article: 3 Components of a D&O Insurance and Indemnity Program

Indirect Loss

Indirect loss is a loss suffered as a consequence of, but not a direct result of, the event i.e., a crime. Also called: Consequential Loss


Insurance is a mechanism for transferring risk by pooling it. A person or entity buys insurance to transfer their risk of loss to the insurer in exchange for a fee, the premium. The insurer assesses the probability of loss and combines many such exposures together to pool the risk. If an insurable loss occurs then the insurer is contractually bound to pay.
Related term: carrier, insurance policy, reinsurance

Here are some types of insurance:

Insurance Bond

An insurance bond is a bond that is designed specifically to protect an individual or organization against financial loss if certain circumstances occur, such as:

  • the failure of another party to fulfill a contractual obligation; or
  • their employee commits fraud.

Related terms: fidelity bond, surety bond.

Learn more, read an article on insurance bonds.

Insurance Policy

An insurance policy is a legal contract between the insurer and the party being insured, the policyholder, under which the insurer agrees to pay claims. The policy spells out what kinds of claims the insurer will pay and how much and under what conditions. The policy also states the responsibilities of both parties.

Related terms: bind, continuity date, extension, insurance, limit, package policy, terms and conditions.

Read an article: Occurrence vs claims made policies explained.

Insuring Agreement

Insuring Agreement is a clause in an insurance contract that specifies what is covered. It is what grants coverage. In D&O Insurance, for example, there is relative consistency in the market with most policies having a Side A, Side B, and Side C structure. When it comes to Cyber Insurance however, you’ll find anywhere from one to twelve different insuring agreements in a policy, making policies hard to compare. These clauses should be read carefully. You’ll want to look at how the agreements are worded as triggers. In other words, understand what the terms and conditions are under which coverage will be granted.

Intellectual Property Liability

Intellectual Property Liability is the liability to third parties for the alleged use of their protected intellectual property.  Examples of protected intellectual property can include industrial property such as trademarks and trade dress (product appearance/ packaging).  It also includes copyright such as artistic license for books, music or computer code.
See more under Liability.

Intrusion Upon Seclusion

Intrusion Upon Seclusion is an invasion of privacy tort. It refers to when someone physically or otherwise intrudes another person’s privacy or seclusion.

Invasion of Right of Publicity

Invasion of Right of Publicity refers to the unauthorized use of someone’s name, likeness or other recognizable aspects for commercial purposes.


Keylogger refers to a piece of software or hardware that records the keys hit on a keyboard. This is usually done without the user knowing their key strokes are being recorded.

See malware.


Libel is written defamation.
See more under Defamation.


Lloyd’s, also known as Lloyd’s of London refers to the world’s largest and longest operating insurance marketplace. It began at a coffee house established by Edward Lloyd (1648 – 1713) in the late 1600’s and today includes more than 200 lines of business and writes gross premiums of £46.7bn. (2022 Annual Report).
Related terms: Managing Agent, Subscription Policy.

Learn more about Lloyd’s, read the article.


Loss, in insurance is the financial damage suffered due to an insurable event. Under the terms of a policy, the insured needs to incur a loss in order to have a claim for damages. See also: Consequential Loss.

Loss Discovered

Loss Discovered refers to a policy condition under which only claims discovered and reported to the insurer during the policy period will be considered for coverage, regardless of when the wrongful act occurred. See also: Loss Sustained.

Loss Prevention

Loss Prevention refers to activities conducted for the purpose of mitigating risk such as implementing processes and procedures, or upgrading a physical security system.

Loss ratio

Loss ratio uses the relationship between total premiums earned and actual losses incurred over a given period of time to measure the profitability of an insurance company. Also called,”underwriting loss ratio.”

Loss ratio = ((insurance claims paid + loss adjustment expenses)/Premium earned) x 100

Read this article to learn more.

Loss Sustained

Loss Sustained refers to a policy condition under which only covers claims that were sustained during the policy period will be considered for coverage, regardless of when the loss is discovered or reported. See also: Loss Discovered.

Machine Learning

Machine Learning is when a computer is programmed to use statistics to find patterns in large amounts of data and to then apply those patterns. The effect is that the more data the computer processes, the more it ‘learns’, no human intervention required. A common application is the generation of recommendations by search engines, social media and streaming services like Netflix and Spotify.
See more under Artificial Intelligence.


Malware, or malicious software, is a blanket term for code created by attackers with the intent to gain access or cause damage to a computer system. Viruses, ransomware, and trojan horses are all examples of types of malware.

See also: keylogger.

Managing Agent

A Managing Agent at Lloyd’s is a company that is responsible for the management and governance of one or more Lloyd’s syndicates. Access Lloyd’s market directory to see a current list of managing agents.

Learn more about Lloyd’s, read the article.

Managing General Agent

A Managing General Agent (MGA) is an agency that is contracted to perform various business functions, such as underwriting, binding, policy administration, claims, and distribution, on behalf of (re)insurance companies. Some MGAs specialize in a particular type of insurance or risk. The extent, nature and parameters of the services that the MGA provides on behalf of the insurer are stipulated in the contract between the two parties known variously as a Delegated Authority  or MGA Agreement.

For greater detail, read the article: What is a Managing General Agent?

Manifest Intent

Manifest Intent in commercial crime insurance is the obvious intention to commit a crime, to cause the loss and to gain from the crime.

Media Liability

Media Liability refers to the liability risk that may arise from creating and disseminating content such as on a company’s website or social media pages. The risk for companies also applies to printed form and publications such as magazines and brochures. A media liability policy is available in the insurance marketplace as a stand-alone policy and limited coverage for online activities may also be found in some cyber insurance policies.

See also: deep linking, troll, product disparagement.

Miscellaneous Professional Liability Insurance

Miscellaneous professional liability (MPL) insurance is a form of professional liability insurance. It is intended to protect the insured from financial loss as a result of third-party claims arising from advice or service provided by the professional. Coverage typically extends to negligence, inaccurate advice and misrepresentation. An MPL policy is for those individuals and organizations that provide professional services for whom a custom professional liability policy does not exist. 

Learn more, take the course!

Moral Hazard

Moral Hazard occurs when a situation incents risky behaving by limiting or removing the cost of the risk. Insurance policies are written to guard against moral hazard. Learn more in the course on Employment Practices Liability Insurance (EPLI).

Multi-factor Authentication (MFA)

Multi-factor Authentication requires a user to present more than one distinct authentication factor (password, verification code, etc.) for successful authentication.

Named Perils

Named Perils is a type of insurance policy that covers only loss incurred as a result of the perils that are specifically listed (named) in the policy wordings – in contrast to an All Risks policy.
See more under All Risks.

Network Security Breach

Network Security Breach refers to unauthorized access to computer systems. Often third parties will identify and exploit a vulnerability in an insured’s computer system leading to the transmission of malware, unauthorized access or denial of service attacks. One common vulnerability in all companies is humans. See BYOD, multi-factor authentication.

Network Security Liability

Network Security Liability is the liability to third parties for damage arising from a network security breach. For example, if a failure in an insured’s security resulted in a virus making its way onto the insured’s system, and from there it replicated through their contacts’ systems, the insured may be sued by clients, vendors, and suppliers who’s own systems were damaged by the virus.

Non-indemnifiable Loss

Non-indemnifiable loss, a.k.a. Side A, refers to the insuring agreement in a Directors and Officers Liability Insurance policy that protects the assets of directors and officers in the case of a claim against them when the organization is unable or not allowed to indemnify them, e.g. in the case of insolvency or when not legally allowed.
See more under Indemnification, Indemnifiable loss and Entity Coverage.


A not-for-profit is an organization that is established for a specific purpose, a collective or social benefit, and does not pay profits, gain, or benefit to its members. For example, charities, cooperative associations, condominium or strata corporations. Also referred to as a ‘nonprofit’.

See: Not-for-profit Directors and Officers Liability Insurance.

Not-for-profit Directors and Officers Liability Insurance

Not-for-profit Directors and Officers Liability Insurance, also called non-profit D&O insurance, protects directors and officers of not-for-profit organizations from incurring personal loss as a result of claims brought against them in the course of their regular duties of managing or overseeing the management of the organization. See: directors and officer liability insurance.

Take the course.

Occurrence Basis

Occurrence Basis is a policy condition under which claims that meet the policy definition of a claim, will only be considered for coverage if the event that gave rise to a claim, a.k.a., the occurrence, happened during the policy period. These policies are said to have ‘long-tail liability’ because the claims can be reported at any time, even long after the policy period has ended. This is in direct contrast to policies written on a discovery basis.
Commercial General Liability (CGL) insurance is an example of an occurrence-based insurance.

See also Claims Made and Claims Made and Reported.

Outside Director Liability coverage (ODL)

Outside Director Liability coverage provides coverage for insured persons on a Directors and Officers Liability Insurance policy who serve as directors, officers, or trustees of outside organizations at the direction of the insured organization.
See Directors and Officers Liability Insurance.

Package Policy

Package Policy is a bundle of insurance products within a single policy, typically designed for a specific market segment i.e., small business. See insurance policy.


Patch refers to a piece of software code that applies changes to a computer program after the program is installed, to improve performance or fix bugs, thus removing vulnerabilities. If the patch is not done properly it can bring down systems or disable them. Patch management is an important part of any application lifecycle management. See hacking and zero-day vulnerability.

Pay on Behalf of

In insurance, ‘pay on behalf of’ means that the insurance company will pays costs directly, i.e., to defence counsel, rather than the insured having to pay up front and wait to be reimbursed by the insurer.
Learn more, watch a video about on ‘Pay on behalf of’ vs. reimbursement.



PCI-DSS or ‘Payment Card Industry Data Security Standard’ is a security standard for organizations that handle credit cards. This is also known as the PCI Standard.


Peril means danger or risk. For example, a property peril could be the fire that burned down the house.
See more under Named Perils.

Personally Identifiable Information (PII)

Personally Identifiable Information (PII) is information that could be reasonably linked or associated with, directly or indirectly, a consumer or household. What constitutes PII data varies by region as different privacy laws govern different regions and each has its own definition. Typically it is information that could allow someone accessing it to identify, locate or contact an individual. It’s important to keep in mind that a regulator may define PII differently from how an insurance policy defines it. The insurance definition may be broader, more restrictive, or may piggyback off of the regulatory definition. Always read the definition of PII in a policy wording carefully as this is a space that continues to evolve.

Learn more, read the article: Privacy legislation and cyber insurance.


Phishing is the use of carefully crafted emails to get the victim to click a link and release information. These emails seem authentic and convey urgency, tricking the victim into taking immediate action. See also: Smishing, Vishing, Spear Phishing.

Premium / Insurance Premium

Premium, in insurance, refers to the fee charged by the insurance company in exchange for carrying the risk as specified in the insurance policy contract.
See: written premium.

Prior Acts Exclusion

Prior Acts Exclusion is a policy condition under which a claim is not covered if the event, the wrongful act, that gave rise to the claim occurred prior to the policy inception date or the ‘prior acts exclusion date.’

Prior or Pending Litigation

Prior or Pending Litigation is a policy condition under which any litigation that is in process or that the insured has been notified of, or is aware of prior to the policy inception date or the ‘prior/pending date’, will not be covered by the policy.

Privacy Breach

A Privacy Breach is access to private information without permission. This can be from unintentional or intentional disclosure (someone sending out a client list with names and addresses), employee error, lost device (for example losing a flash drive or laptop computer storing private information) or a hacking event where a third party obtains access to private information.

See also: breach of confidence.

Privacy Liability

Privacy Liability refers to the insured’s liability to third parties for damage arising from unauthorized access to their private and confidential information. It is typically associated with a privacy breach, or access to or disclosure of private information without permission.

See also: intrusion upon seclusion, invasion of right of publicity.

Pro-rata Cancellation

Pro-rata Cancellation is a way of determining the refund amount that an insured will receive if their insurance policy is cancelled before the expiry date. The Pro-rata cancellation calculation is based on the remaining length of the policy. Check the policy Terms and Conditions to see if Pro-rata Cancellation applies.
See also Short Rate Cancellation.
Read an article: Pro-rata vs short-rate cancellation.

Product Disparagement

Product Disparagement is libel or slander as it relates to a product. It is an injurious false statement or claim made against a product.

Professional Liability Insurance

Professional Liability Insurance protects professionals from financial loss as a result of third party claims arising from advice or service provided by the professional. Coverage typically extends to negligence, inaccurate advice and misrepresentation. Eg. A lawyer forgets to file paperwork for purchase of property leading to their client losing out on a deal. The client sues for damages. Also referred to as Errors and Omissions (E&O) Insurance or Professional Indemnity Insurance.
See also Liability and Miscellaneous Professional Liability Insurance.

To learn more read the article: Professional Liability Insurance Explained

Proof of Loss

Proof of Loss is a formal submission to the insurer of documented facts that prove a direct loss from crime.
See: commercial crime insurance

Punitive Damages

Punitive Damages are damages in excess of compensation that are awarded specifically to punish the defendant.
See: Exemplary Damages.


Quorum is a legally required minimum number of voting members who need to be in attendance at a meeting in order for decisions to be made. For example, the BC Strata Property Act required quorum for an Annual General Meeting is 1/3 of votes.

Ransomware-as-a-Service (RaaS)

Ransomware-as-a-Service (RaaS) is a business model in which ransomware is licensed out to cyber criminals for a fee.

See also: Ransomware.

Regulatory Coverage

Regulatory Coverage is an insuring agreement found in policies that address data breaches such as Cyber, and Tech E&O. In the event of a privacy data breach, it covers costs, fines and penalties imposed by regulators.  Costs can include legal and investigative costs if privacy laws were compromised and if legal assistance is required to determine causation and understand whether regulations and protocols were followed.  Fines and penalties are covered in jurisdictions that allow such coverage.


Reinsurance is form of insurance for insurers. Insurance companies purchase reinsurance from a reinsurance company in order to transfer risk. Reinsurers may also reinsure. This process spreads the risk of loss over multiple entities.

Related term: insurance

Reservation of Rights

Reservation of Rights refers to a letter issued by an insurance company in response to a claim to limit their liability by reserving the right to investigate the claim and deny coverage if the claim does not qualify for coverage.

A Reservation of Rights letter may be standard procedure for some insurance companies. It may also be issued if coverage is in doubt, for example, if

  • the claim was reported late;
  • not enough information was provided to the insurance company to meet the definition of a claim; or
  • the insurance company suspects fraud

A Reservation of Rights letter is not the same as a Denial of Coverage letter.

Restoration Period

Restoration Period (or period of restoration) on a cyber policy refers to the time between the moment the network security event happens and the moment when the insured’s income is back to a “normal level”. Normal meaning whatever the income would have been without the network security event. Restoration Periods varies greatly and a longer period may be negotiated for additional premium.

See also: business interruption.

Retained Earnings

Retained Earnings is the portion of profits that a company has held back, rather than paid to shareholders as dividends. To find this number in a company’s financial statements, look under Shareholder’s Equity on the Balance Sheet.

Companies retain earnings for working capital, to pay bills, maintain, upgrade or buy assets or to pay off debt. Retained earnings can be negative due to accumulated losses. This can be a red flag for D&O underwriters as it means that the company will be dependent on debt or equity to fund operations.


A retention is the amount of an insurable loss that the insured needs to absorb or pay before the insurance policy will begin to pay out. It is the amount of risk that the insured retains.

Related terms: Deductible, First Dollar Defence, Self-insured Retention.

Retroactive Date

Retroactive Date is the earliest loss date covered by the insurance policy.

Retroactive Date is a provision found in some claims-made policies that excludes coverage for claims arising from wrongful acts that occurred prior to that date. The retroactive date is often the same as the first policy inception date. See more under Claims-Made.

Robin Hood Fraud

Robin Hood Fraud refers to an act of fraud in which the criminal doesn’t enrich themselves but rather gives the proceeds away.

Self-insured Retention (SIR)

Self-insured Retention (SIR) refers to that portion of the insurable loss retained by the insurance policyholder. When there is a claim, the insured party pays all costs until their self-insured retention amount is reached. It is only then that the insurance company begins to make payments on the claim.

Related terms: Deductible, Retention


Severability means the ability to separate.  In an insurance policy the term ‘severability’ refers to the ability to separate different parts of the policy or coverage so that if for some reason one part is invalidated, the remainder stays in effect.


Before a D&O insurance policy goes into effect, representatives of the insured organization must warrant that the information provided in the policy application is accurate and complete. With severability, the application for coverage is applied separately to each insured person and, in the case of misrepresentation only the coverage of those persons responsible for the misrepresentation are impacted.

See: Terms and conditions

Short-Rate Cancellation

Short-Rate Cancellation is a way of determining the refund amount that an insured will receive if they cancel their insurance policy before the expiry date. Short-rate cancellation calculation includes a penalty as a disincentive for early cancellation. Check the policy Terms and Conditions to see if Short-Rate Cancellation applies.
See also Pro-Rata Cancellation.
Read an article: Pro-rata vs short-rate cancellation.

Shrinking Limits

‘Shrinking limits’ or ‘shrinking limits defence’ is an insurance policy provision wherein defence costs reduce or may even exhaust the limit. Should defence costs consume the entire limit, the insured, not the insurance company would be responsible for any subsequent costs or damages.

Related terms: Aggregate limit, Limit, Sublimit.


Slander is spoken defamation.
See more under Defamation.


Smishing is the use of text messages to entice the victim to click on a link and enter confidential information. Similar to emails used in phishing, these text messages tend to convey urgency and feel personalized.
See also: Phishing, Spearing Phishing, Vishing.

Social Engineering Fraud Coverage

Social Engineering Fraud Coverage provides cover in the event that an employee falls victim to a social engineering scam. It is an endorsement that may be added to a cyber or a crime insurance policy. Related term: Social Engineering Fraud

Read the article: Social Engineering Insurance Explained

Spear Phishing

Spear Phishing is a form of phishing which involves sending carefully crafted emails, personalized for a specific individual, the target, to get the victim to reveal confidential information.
See more under Phishing.


Sublimit on an insurance policy refers to the maximum amount that the insurer will pay to the insured for a specific category of loss under the policy.
See also Limit, Aggregate Limit.


Subrogation is a policy condition that gives the insurer the right to pursue a third party to recover losses up to the amount that has been paid out to the insured. See: Terms and Conditions.

Subscription Policy

A subscription policy is an insurance policy on which two or more insurers share the risk. One insurer is the lead insurer responsible for managing the policy. Each participating insurer agrees to carry a set percentage of the insured risk until the risk is covered in full. This process is referred to as ‘subscription underwriting’. Should a claim occur, each insurer pays out according to their coverage percentage. Subscription policies are used when the total coverage required is more than any one underwriter is willing to carry.  

Related terms: Lloyd’s, underwriting.

Surety Bond

A surety bond is a type of insurance bond that guarantees performance as contracted or provides security. The bond doesn’t protect the buyer of the bond (the principal or obligor) but rather a third party (the obligee) who is at risk of experiencing a loss. There are many different types of surety bond such as contract bond, commercial bond.

Technology E&O Insurance

Technology E&O Insurance is an Errors & Omissions Insurance policy that covers providers of technology products or services against financial loss resulting from a claim against them for actual or alleged errors, omissions or negligent acts related to the use of their technology products and services. This can include damages arising from claims related to network security vulnerabilities and cyberattacks, along with expenses incurred to mitigate these situations.

Eg. An IT organization assists a business in migrating their data from one system to another. During the migration important data is lost. The IT organization never made back-ups. The client sues for damages.

Learn more – take the course!

Terms and Conditions

The terms and conditions section of an insurance policy spells out how the insurance policy will actually work once incepted. Also called, policy conditions. Look to this section for information on topics such as cancellation, claims reporting, representation, settlement, severability, subrogation.

See also: Arbitration, Conditions Precedent, Insurance Policy.

Third-party Employment Practices Liability Insurance (EPLI)

Third-party Employment Practices Liability Insurance (EPLI) intends to cover claims against the insured brought by an external third party such as a vendor or client. Such claims are often class action suits with substantial potential losses. Third-party EPLI generally only covers discrimination and harassment and is sold as a separate insuring agreement. See also: Employment Practices Liability Insurance.

Read an article about: Third-party Employment Practices Liability Insurance.
Learn more, take the course on Employment Practices Liability Insurance.

Third-party Liability Insurance

Third-party Liability Insurance refers to insurance designed to cover loss incurred by the insured as a result of its legal liability to a third party; that is, its legal obligation to compensate an external party for loss, injury or damages.  Also called third-party insurance.
See: liability, liability insurance

Triple Extortion Ransomware

Triple extortion ransomware is a ransomware attack in which the attackers apply three levels of pressure on their victims. The attackers encrypt and threaten to share or sell data as in a double extortion ransomware attack. In addition, they extend the threat of data exposure to third-parties who may be impacted, such as the victims’ employees, clients, and business partners.

See also: Cyber Extortion, Double Extortion Ransomware, Ransomware.

Trojan Horse

A Trojan Horse, as the name implies, is a type of malware that gets downloaded because it’s disguised as a legitimate program. The user might think they’re downloading a version of Adobe, but in fact it is malware disguised as Adobe. Usually it causes its damage once a user runs the program.


Troll refers to a person who posts disruptive content on the Internet. A troll may harass, criticize or post inflammatory, irrelevant or off-topic comments on online communities. Their intent is to provoke an emotional response for the troll’s amusement or another specific gain. Their action is known as trolling.


Underwriters are employed by insurance companies to assess the risk of insuring people and assets. They are responsible for determining a premium (revenue for the insurance company) based on the risk exposure (potential loss) to the insurance company after a thorough assessment of the risk. Insurance companies look for bright, business-minded, analytical individuals with strong interpersonal and commercial skills to become underwriters.
See also Premium and Risk Exposure.


Underwriting in insurance refers to the process of assessing, rating and accepting or rejecting insurance risk.

Learn more, read the article.
Related term: delegated authority

Vicarious liability

Vicarious liability is when one party holds responsibility for the actions of another due to the relationship between the two parties. For example, a corporation may be held vicariously liable for the acts of its employees. Some insurance policies offer vicarious liability coverage options, e.g., subcontractor vicarious liability coverage under a miscellaneous professional liability policy.

Virtual Private Network (VPN)

A Virtual Private Network (VPN) is technology that provides for a secure, encrypted connection over an existing network such as the public Internet.


Virus refers to a type of malware that hides within legitimate programs, and has the ability to self-replicate and infiltrate other programs and files. Like a non-computer virus, a computer virus’ goal is to replicate and spread itself as much as possible. A forensic investigator may be hired to determine the extent of damage caused by virus. This is an example of a first-party coverage that you want to look for in a Cyber Insurance policy.


Vishing is the use of telephone conversation to obtain confidential information from the victim, such as name, address and social insurance numbers; similar to phishing and smishing.

Wage and Hour

Wage and Hour refers to any action that violates wage and hour regulations such as paying employees less than minimum wage.
Learn more, take the course Employment Practices Liability Insurance.

Waiting Period

Waiting Period, as referred to in an insurance policy, is the time following an event that has to pass before coverage kicks in. You can think of it as a type of risk retention – a certain number of hours the insured has to absorb before coverage is triggered. As with a financial retention, there is a cost associated with a waiting period. Depending on the risk, the insurer might be open to negotiating the duration of the waiting period.

Working Capital

“Working Capital is the amount of money that a company has available to pay short-term obligations. Working Capital = Current Assets – Current Liabilities”

Written Premium

Written premium is an accounting term that refers to the amount that a customer pays for an insurance policy. It is the amount that is written on the books of the insurance company for a policy. Insurers use this number to assess sales performance i.e., did the company write x% more premium this quarter in contrast to the same quarter last year?

See: premium

Wrongful Act

A Wrongful Act is the specific event that triggers insurance policy coverage. Check policy wordings for to see how it is defined for the specific policy.

Wrongful Employment Practice

Wrongful Employment Practice refers to those practices that do not align with the legal requirements made of employers. Also referred to as an ‘injury-causing employment practice’, examples include such as discrimination, defamation, and sexual harassment.
See Employment Practice, Employment Practices Liability Insurance.

Zero-day Vulnerability

Zero-day vulnerability refers to a software vulnerability that is not yet known by the software vendor or developer. Until it is known and a patch implemented, the vulnerability can be exploited by hackers. Day Zero is the day the software vendor or developer finds out about the vulnerability.