What Is Cyber Insurance? The Comprehensive Guide for Switzerland
What Is Cyber Insurance? — Definition and Classification
Cyber insurance (also: cyber risk insurance, IT insurance or cyber policy) is an insurance product that protects companies and individuals from the financial consequences of cyber attacks, data protection violations and IT security incidents. It belongs to the category of property and liability insurance and has been available in Switzerland for approximately ten years.
According to the Federal Office for Cybersecurity (BACS), over 59,000 cybercrime cases were registered in Switzerland in 2024 — an increase of around 8%. Yet only approximately 10% of Swiss SMEs are insured against cyber risks. An alarmingly low figure considering that 60% of SMEs that suffer a severe cyber attack must file for bankruptcy within 24 months.
Cyber Insurance vs. Traditional Insurance
| Insurance type | Physical damage | Data loss | Business interruption (IT) | Data protection liability | IT forensics |
|---|---|---|---|---|---|
| Property insurance | Yes | No | No | No | No |
| Business liability | Yes | Partially | No | No | No |
| Cyber insurance | No | Yes | Yes | Yes | Yes |
What Does Cyber Insurance Cover?
Own Damages (First-Party Coverage)
1. IT Forensics and Incident Response — CHF 15,000–80,000 per incident 2. Data Recovery — CHF 20,000–150,000 3. Business Interruption — Average downtime after ransomware: 23 days, CHF 5,000–50,000/day 4. Crisis Management and Communication — CHF 10,000–60,000 5. Cyber Extortion (Ransomware) — Average demand in Switzerland 2024: CHF 280,000 6. Notification Costs — CHF 8–15 per person notified (nFADP: 72-hour deadline to FDPIC)
Third-Party Damages (Third-Party/Liability Coverage)
1. Data Protection Liability — Fines up to CHF 250,000 (personal!) 2. Network Security Liability — Claims from malware spread via your systems 3. Media Liability — Personality rights and copyright violations 4. Legal Protection — CHF 300–600/hour for specialised cyber lawyers
Assistance Services (24/7)
Most Swiss cyber insurers offer a 24/7 hotline with immediate access to IT security experts, data protection lawyers, crisis consultants and ransomware negotiation experts. This immediate help is often the most valuable component of the policy.
What Does Cyber Insurance NOT Cover?
| Exclusion | Explanation |
|---|---|
| Intentional acts | Damages deliberately caused by the insured |
| War and terrorism | Cyber attacks as part of warfare (“War Exclusion”) |
| Known vulnerabilities | Damages from known, unpatched vulnerabilities |
| Bodily injury and property damage | Physical damage to persons or objects |
| Contractual penalties | Penalty clauses from third-party contracts |
| Infrastructure failure | Power, telecoms or ISP outages |
| Long-term reputational damage | Long-term customer loss after an incident |
| Fines (partially) | Insurability varies by canton |
| Missing basic security | When basic IT security standards are not met |
Who Needs Cyber Insurance?
Short answer: Every company that uses digital systems or processes personal data.
| Company size | Risk assessment | Recommended? |
|---|---|---|
| Sole proprietor / Freelancer | Medium | Yes, basic coverage |
| Micro-SME (1–9 emp.) | High | Strongly recommended |
| Small SME (10–49 emp.) | Very high | Essential |
| Medium SME (50–249 emp.) | Very high | Essential |
| Large enterprise (250+ emp.) | High | Standard |
36% of Swiss SMEs have already been attacked (Mobiliar/ETH 2024). For companies with 50+ employees, this rises to 47%.
What Does Cyber Insurance Cost in Switzerland?
| Company size | Employees | Typical annual premium | Typical coverage |
|---|---|---|---|
| Individuals | — | CHF 40–200 | CHF 10,000–50,000 |
| Micro-SME | 1–10 | CHF 400–2,000 | CHF 100,000–500,000 |
| Small SME | 11–50 | CHF 600–5,000 | CHF 250,000–2M |
| Medium SME | 51–250 | CHF 2,000–10,000 | CHF 1–5M |
| Mid-market | 250–1,000 | CHF 5,000–29,000 | CHF 3–10M |
| Large enterprise | 1,000+ | CHF 20,000–100,000+ | CHF 10–50M |
ROI: Average attack costs for an SME (50 employees): CHF 350,000 vs. annual premium of CHF 3,000–8,000. Ratio: 1:44 to 1:117.
The Swiss Cyber Insurance Market
The market grew from CHF 72M (2020) to CHF 172M (2024). Major providers: AXA, Zurich, Helvetia, Mobiliar, Allianz Suisse, Baloise, Generali, Vaudoise. Premium differences for CHF 3M coverage: up to CHF 17,000 per year.
FAQ
Is cyber insurance mandatory in Switzerland?
No (as of 2026), but increasingly required contractually by business partners. In regulated sectors it is effectively becoming mandatory.
Does cyber insurance pay for ransomware?
Yes, most Swiss policies cover ransomware attacks including forensics, data recovery and business interruption. Ransom payment coverage varies by provider.
Can I deduct premiums from taxes?
Yes. Premiums are fully deductible as business expenses for both federal and cantonal taxes.
Conclusion: Cyber Insurance Is No Longer a “Nice-to-Have”
With over 59,000 cybercrime cases per year and average SME damage of CHF 350,000, the need for action is clear. Cyber insurance provides financial protection, immediate expert help, legal security under the nFADP, and reputational protection through professional crisis management.
Your next step: Have your situation analysed free of charge by BTAG Versicherungsbroker AG. As an independent broker in Bern, BTAG compares all Swiss cyber insurers and finds the policy that fits your risk profile and budget. Request a consultation now