A few questions, an honest premium range. Built on industry benchmarks for small and mid-size businesses across all 50 states.
Tell us about your business and we’ll show you a typical range. Final premium is set by the underwriter.
Estimates only. Industry benchmarks are based on aggregated 2024–2025 cyber market data and may not reflect actual carrier pricing for your specific business. Final premium is set by underwriting and depends on security posture, claims history, and policy form. RMO BizCyber is provided through licensed carrier partners.
Six factors set 80% of cyber insurance premiums. Here’s how each one moves the number.
Healthcare, finance, and legal carry HIPAA, financial-data, and privilege-data exposure. Premiums for these industries typically run 1.5–2.5× a general baseline.
Premiums scale with revenue because losses scale with revenue (business interruption, data exposure). Typical small-business pricing: roughly 0.1–0.5% of annual revenue.
Per-record breach response costs ($150–$400 each) drive premiums up sharply. Storing 50,000+ customer records is a meaningful pricing factor.
Higher limits raise premium roughly linearly up to about $2M, then more steeply at higher tiers. Most small businesses choose $1M as a baseline.
MFA, backups, employee training, and EDR usually unlock 10–20% discounts. Lacking MFA can disqualify you from many carriers entirely.
A prior breach or ransomware claim raises premium 25–100% for several years. Clean history is one of the most controllable pricing levers.
For most small businesses (under $1M revenue, 1–10 employees), cyber liability premiums typically range from $500 to $2,500 per year for $1M in coverage. Higher-risk industries like healthcare and finance pay more. Premiums scale up with revenue, employee count, and the sensitivity of data your business handles. The estimator above gives a more specific range based on your inputs.
A standard cyber liability policy covers: (1) data breach response (notification costs, forensic investigation, credit monitoring); (2) ransomware (extortion payments and recovery costs); (3) business interruption (lost revenue while systems are down); (4) third-party liability (lawsuits from customers whose data was exposed); (5) regulatory fines where insurable. Policy details vary by carrier — read the specific policy form.
For any business that handles customer payment information, personally identifiable information (PII), or critical operational data: yes. The 2023 Verizon Data Breach Investigations Report shows the median cost of a small-business breach is around $46,000 and 60% of small businesses close within 6 months of a major breach. A $1,500/year premium often pays for itself in a single incident.
General liability covers physical injuries and property damage. Cyber liability covers data, networks, and digital operations. A general liability policy will not pay for a ransomware attack, a phishing-driven wire transfer fraud, or a customer data breach — these are explicitly excluded on most general liability forms. If your business uses computers and stores customer data, you need cyber coverage as a separate policy.
This estimator uses industry-published benchmarks from carriers and brokers to produce a typical range. Actual premiums depend on a full underwriting review (security controls, MFA, backups, employee training, prior incidents) and can be substantially lower or higher than the range shown. Use this number for budgeting and comparison shopping; for an accurate quote, complete a cyber application with RMO BizCyber or a broker.
