Boxx Insurance Inc. is a Toronto-based Insurtech and MGA.
We specialize in risk management solutions for small-to-medium sized businesses (SMBs). The company’s flagship product, Cyberboxx, interlocks leading edge cyber insurance and cybersecurity expertise and assistance. Threat intelligence, cybersecurity experts, and full data backup and recovery are all made available to SMBs at an affordable monthly price. Cyberboxx allows you to stay ahead of cyber threats, learn from the best, respond to attacks, and re-secure your business faster and more cost-effectively.
Yes, Boxx Insurance Inc. acts under authority given to it by Lloyd’s of London to quote, bind, endorse, renew, and cancel Cyberboxx cyber and data insurance policies, as well as collect premiums.
Cyber insurance helps businesses decrease risk by offsetting the costs involved with recovering from a cyber-related breach or similar event.
It is protection against cybercrime, which is on the rise in Canada and globally. Security breaches are now inevitable, with 70% of hacks targeting small to midsized businesses to steal/exploit data or hold a business to ransom.
In general, cyber insurance policies have two primary components:
There are many reasons why cyber insurance is necessary for your business. As businesses become ever more reliant on technology and hold more and more sensitive data, the risks from suffering a loss related to problems computer systems continue to grow. This can lead to unforeseeable costs from negotiating a ransom, lost revenue, a damaged reputation, and legal and regulatory costs, not to mention the associated business disruption.
No, but cyber insurance will help cover the costs to adhere to mandatory regulatory requirements. The Government of Canada legally requires that all private sector organizations, of all sizes, take measures to secure their data, monitor security threats, and respond and recover from a breach if the worst happens.
On November 1, 2018, revisions to Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) as per the Digital Privacy Act came into effect, requiring organizations to adhere to certain obligations before, during, and after a breach of security, including the following:
Cyber insurance is sometimes included as part of business insurance, but the amount of coverage tends to be very limited and generally not aligned with current cyber risk reality.
Cyber insurance and business insurance have very different purposes. While they may complement each other, they operate very differently. We strongly recommend you understand each before accepting and/or buying either or both.
Equifax, Sony, Air Canada, and many other large corporations have entire in-house I.T. departments devoted to security. Yet, they still suffer data breaches.
A simple oversight like not updating software, not setting appropriate user authentication procedures for third party vendors, losing an unencrypted laptop, or a rogue employee with malicious intent, can all lead to a cyber attack. A risk your I.T. team may not be able to prevent.
What does the Cyberboxx insurance policy cover?
Cyberboxx membership provides essential protection against your cyber risk exposure. Our insurance coverage includes but is not limited to*:
Cyberboxx coverage will pay to defend and settle claims made against you for failing to keep customers’ personal data secure. The policy includes protection if you mistakenly infect someone’s system by sending them an infected email or your failure to keep your computer system secure.
Protection if your online content infringes someone’s intellectual property rights, including if done by a hacker, such as the inadvertent infection of another system with malware through an email attachment.
Prior Acts Coverage: Insurance for undetected and unknown infections which were present during time of policy purchase but effectively a “wake up” in the form of malware or cyber ransom afterwards.
Cyber Deception or Social Engineering Coverage: Insurance for the loss of money as a result of a social engineering or phishing attack against you which results in your voluntary transfer of money to an unintended third party.
*This communication provides general information on Cyberboxx’s products and services only and is not intended to be, and does not constitute, a solicitation of business. Coverages are subject to underwriting and may not be available in all provinces. The information contained herein is not a part of an insurance policy and may not be used to modify any insurance policy that might be issued. In the event the actual policy forms are inconsistent with any information provided herein, the language of the policy forms shall govern.
Yes. The policy is triggered by the breach of electronic and non-electronic data that includes theft and loss. With Cyberboxx, your business has access to insurance for a sophisticated hack, but also for leaving a paper file on a train or sending information by email to the wrong person.
There are certain categories of businesses that are deemed higher risk and, therefore, will trigger underwriting consideration:
Cyberboxx memberships are available through licensed insurance brokers in Ontario, Alberta, and British Columbia. Please contact your local insurance broker to receive a Cyberboxx quote.
All quotes are provided online at the invitation-only sales portal pages. Please contact us at firstname.lastname@example.org to access.
The Insurer may cancel the contract or reduce the amount that will be paid if a claim is made, or both. If the failure to tell the Insurer is fraudulent, the Insurer may refuse to pay a claim and treat the contract as if it never existed. We ask that all applicants try their best to answer the questions as accurately and completely as possible.
30 days from the date of the quote estimate. A future commencement date up to 30 days in advance of the day of submission can be selected during the online application.
During the online quote process, you will be guided through each step. If you do not accept the quote when received, you will be able to click within the emailed quote estimate and re-enter online to retrieve and complete the quote. However, it must be done before the 30-day quote estimate validity period expires. The total premium must also be paid when the quote is accepted.
Cyber attacks and breaches are often discovered well after they occur. However, many cyber insurance policies do not provide coverage for any acts that occurred prior to the effective date. Our Prior Years policy endorsement extends the coverage of insurable events to prior to the policy inception date. This ensures peace of mind that you have coverage irrespective of when the first incident or breach first occurred.
Under Prior Acts Coverage, the policy may be limited by a Retroactive Date stated in the policy schedule. The policy does not provide cover in relation to any matter arising under the policy that occurs before the stated Retroactive Date. For example, the Retroactive Date may be stated as 1st January 2018 if the inception date of the policy is 1st January 2019 i.e. not greater than 365 days before the policy inception date.
Limit of Liability means the limit of the Insurer’s liability for a particular cover under this policy. The Limit of Liability for each applicable cover, any sub-limits of Liability, and defense costs are part of that amount and are not payable in addition to the Limit of Liability.
Responding to a breach incident quickly is critical. Boxx is unique in having its own dedicated emergency response team. As a result, if you are a Cyberboxx member, you speak to a breach incident response expert to help contain the risk as quickly as possible.
Our professionals are here to support you during breach incidents, whenever you need us - across the globe and around the clock. A cyber breach isn’t always a disaster, but mishandling one can be. When a cyber security breach occurs, time works against you. Most hackers accomplish their objectives within the first 5 hours of gaining access to your network. With our coverage, we provide the resources to help you contain the incident on your first call to us and help prevent an incident from causing material damage to your business or reputation.
Here are some of the steps we go through:
The Policy can be cancelled by the Insured with 30 days notice to the Insurer, and no refund will be provided regardless of the cancellation date. Please inform your broker of your intentions to cancel.
For corporate or media:
Telephone: 1-416-583-3721 Email: email@example.com
Telephone: 1-888-349-6660 Email: firstname.lastname@example.org
Please contact us at email@example.com