My client got hit with ransomware. They blamed my “insecure code” for the breach and sued me for $200,000. My Tech E&O policy agreed to defend the lawsuit (my bad code), but they refused to pay for the forensics team to fix my laptop, which was also encrypted. Then I realized I had skipped the “Cyber” endorsement to save $40 a month.
Key Takeaways
- Tech E&O = Liability (Them): Covers lawsuits claiming your work caused financial loss to a third party.
- Cyber Liability = Response (You + Them): Covers data breaches, ransomware payments, notification costs, and forensics for both your systems and the client’s.
- The Overlap: If you send a virus to a client, E&O covers the lawsuit, but Cyber covers the cleanup.
- First-Party Coverage: Only standalone Cyber covers your business interruption if you get hacked and can’t work.
The “Why”: The Failure to Supply vs. Data Breach
The Trap:
- Scenario A: You code a buggy app. It crashes. Client loses money. -> Tech E&O Claim.
- Scenario B: You get hacked. Hacker steals client data from your laptop. -> Cyber Claim.
- Scenario C: You code a buggy app. Hacker uses the bug to steal data. -> BOTH.
If you only have E&O, you have no coverage for notification costs (mailing letters to victims), credit monitoring, or regulatory fines.
The Investigation: I Quoted 3 Major Carriers
1. Coalition
- My Analysis: Coalition sells “Active Cyber.” They bundle Tech E&O and Cyber into one policy form. This is the safest way to buy in 2026. You don’t have to worry about which policy triggers; one adjuster handles the “Bug vs. Hack” debate.
2. Beazley
- My Analysis: Beazley invented Tech E&O. Their “MediaTech” policy is the gold standard. It seamlessly blends the two. They are especially good at “breach response”—they have a hotline that answers in 15 minutes.
3. Progressive (Referral)
- My Analysis: If you buy a BOP from Progressive, they might tack on a small “Cyber Sweep” endorsement. Warning: These usually have tiny limits ($10k or $50k). That is not enough for a 2026 ransomware attack.
[IMAGE: Venn diagram showing “Tech E&O” circle, “Cyber” circle, and the “Gap” in the middle]
Comparison Table: E&O vs. Cyber
| Feature | Tech E&O Only | Cyber Policy | Combined Policy |
| Client Lawsuits | YES | YES (Third Party) | YES |
| Your Lost Revenue | NO | YES (Biz Interruption) | YES |
| Ransom Payments | NO | YES | YES |
| Regulatory Fines | NO | YES | YES |
Step-by-Step Action Plan
- Check Declarations Page: Do you see “Cyber Liability” or “Network Security”?
- Check Limits: Is the Cyber limit $1M (good) or $50k (bad)?
- Review Exclusions: Does your E&O exclude “Data Breach”? If so, you have a massive gap.
- Buy a Standalone Policy: If your E&O carrier doesn’t offer robust Cyber, buy a separate policy from Coalition or Cowbell.
FAQ
I store everything in the Cloud. Do I need Cyber?
Yes. You are responsible for the access credentials. If your password is stolen, it’s your breach, not Amazon’s.
Is Cyber expensive?
For a freelancer, it’s about
1,000/year. A single breach costs $20,000 minimum.
Does Cyber cover social engineering (wire fraud)?
Only if you have the specific “Social Engineering” endorsement. Standard Cyber covers hacking; Social Engineering covers trickery.