Cyber Insurance Coverage Gap Analyzer

Measure how much cyber loss remains on your balance sheet after policy limits, retention, and excluded costs. Enter the maximum loss at risk, program limit, retention, uninsured expenses, and optional incident probability to surface residual exposure, expected loss, and coverage efficiency before renewing or buying excess layers.

Estimated insurable financial loss from a severe cyber incident (lost revenue, response costs, restoration).
Aggregate limit of liability for your cyber insurance program (primary plus any excess layers included).
Retention or deductible you must absorb before coverage responds to the incident.
Estimated costs not covered by the policy, such as reputational damage, regulatory fines, or capped sublimits.
Optional — defaults to 100% when blank. Apply a probability to convert scenario residual exposure into expected loss.

Illustrative modeling only. Review policy terms with your broker and legal counsel to confirm actual coverage.

Examples

  • Example 1 — $40,000,000.00 loss at risk, $5,000,000.00 limit, $500,000.00 retention, $3,000,000.00 uninsured, 25% incident probability ⇒ Residual exposure: $38,500,000.00 | Insurer pays: $4,500,000.00 | Retention owed: $500,000.00 | Loss above limit: $35,000,000.00 | Expected residual (probability applied): $9,625,000.00 | Expected insurer payment: $1,125,000.00 | Coverage ratio: 10.47%
  • Example 2 — $12,000,000.00 loss at risk, $15,000,000.00 limit, $250,000.00 retention, $1,200,000.00 uninsured ⇒ Residual exposure: $1,450,000.00 | Insurer pays: $11,750,000.00 | Retention owed: $250,000.00 | Loss above limit: $0.00 | Expected residual (probability applied): $1,450,000.00 | Expected insurer payment: $11,750,000.00 | Coverage ratio: 89.02%

FAQ

How should I estimate uninsured costs?

Include regulatory fines, reputational damage, long-tail legal fees, and any policy exclusions your broker highlights so the gap reflects total economic impact.

Can I evaluate multiple policy layers?

Run the calculator for each layer and sum insurer payments to see how stacking limits reduces residual exposure.

What if retention applies to multiple incidents?

Use the per-incident retention for a single event scenario. For aggregated claims, model each separately or multiply the retention by expected incident count.

Does business interruption waiting period affect the result?

Adjust the loss at risk to reflect revenue excluded during the waiting period so the coverage ratio matches policy language.

How should I set the incident probability input?

Use historical claim frequency, tabletop results, or cyber risk quantification outputs to estimate annual probability. The expected residual figure scales the scenario impact by that likelihood.

Additional Information

  • Insurer payment equals the insurable loss up to the limit minus the retention, never below zero.
  • Residual exposure adds retention, any loss above the limit, and excluded costs to show what remains self-insured.
  • Optional incident probability converts scenario outputs into expected dollars for planning and capital allocation.
  • Coverage ratio compares insurer payment to total scenario costs, including uninsured impacts.
  • Separate retention owed and loss above the limit to highlight whether additional layers or lower deductibles would shrink the gap.

Related calculators