Directors & Officers (D&O) — Glossary
Coverage Type

Directors & Officers (D&O)

Compare Directors & Officers (D&O) quotes from 10+ commercial insurance carriers — free, 5 minutes
No SSN required · No phone call required to get pricing
Definition. D&O covers personal liability of directors and officers for governance decisions, fiduciary breach, donor lawsuits, and similar claims.

Also known as: D&O, Directors and Officers Insurance

Critical for any organization with a named board, including nonprofits, religious organizations, schools, and corporations. Three coverage parts: Side A (individual officers when corporation can't indemnify), Side B (corporate reimbursement to indemnified officers), Side C (entity coverage for securities claims).

Real-world scenario

Coastal Dental Partners, a four-location dental group in Tampa with $6,200,000 in annual revenue and roughly 42,000 patient records, buys a Cyber Liability Insurance policy with a per-occurrence limit of $1,000,000, a $3,000,000 aggregate limit, and a $25,000 deductible. Their annual premium is $8,400. Because they store protected health information and run cloud practice-management software, the underwriter also adds a $250,000 cyber extortion sublimit and a $100,000 social engineering fraud sublimit.

Eight months in, a phishing email lets attackers deploy ransomware, encrypting all four offices and demanding $180,000 in Bitcoin. The insurer's breach coach engages a forensics firm that bills $95,000, negotiates the ransom down to $72,000, and pays it. Notifying 42,000 patients and staffing a call center costs $58,000, and credit-monitoring for affected individuals runs $34,000. A regulatory investigation under HIPAA adds $46,000 in legal defense, and two patients file suit, settling for $40,000 combined.

The offices are down for six days, triggering $88,000 of business income loss and $12,000 of extra expense for temporary IT. Total incurred: about $445,000. After the $25,000 deductible, the policy pays roughly $420,000 — well inside the $1,000,000 limit. At renewal the premium rises to $12,600, and the carrier mandates multi-factor authentication as a condition of coverage.

How it affects your premium

Cyber Liability premiums are priced on the volume and sensitivity of the data you hold and on how mature your security controls are. Underwriters weigh these drivers most heavily:

  • Records count and data type — Storing large volumes of PHI, payment cards, or SSNs raises per-record breach costs and drives premium up; PCI-DSS liability exposure alone can move a quote.
  • Security controls — Multi-factor authentication, endpoint detection, and tested backups can cut premiums sharply; their absence often means declination or a steep surcharge.
  • Limits and sublimits — Higher aggregate limits and generous cyber extortion or ransomware sublimits increase cost.
  • Deductible / retention — Choosing a larger deductible lowers premium but shifts more of each claim onto you.
  • Industry and revenue — Healthcare, finance, and retail pay more; premium scales with annual revenue as an exposure basis.
  • Claims and breach history — Prior incidents or a recent ransomware event raise the rate or restrict terms.
  • Third-party dependency — Reliance on cloud vendors adds dependent business interruption exposure that underwriters price in.
Ready to compare directors & officers (d&o) quotes?
Free quote in 5 minutes from 10+ carriers · No SSN required
Get My Quotes →

Common misconceptions

Myth: My general liability policy already covers a data breach.

Reality: It almost never does — most general liability policies exclude electronic data and breach response, which is exactly why standalone Cyber Liability exists.

Myth: Cyber insurance only pays for my own losses, like restoring my systems.

Reality: A complete policy blends both sides: first-party costs (forensics, notification, business income) and third-party liability for lawsuits and regulatory defense brought by affected people.

Myth: We're too small to be a target, so we don't need it.

Reality: Small firms are attacked precisely because they have weaker controls; a single ransomware event can trigger notification duties and a regulatory defense obligation that dwarfs the premium.

Frequently asked questions

What does Cyber Liability Insurance actually cover?
It typically covers breach forensics, customer notification, credit monitoring, ransomware and cyber extortion payments, business interruption, plus third-party liability for lawsuits and regulatory fines arising from a data breach.
How is it different from data breach insurance?
They overlap heavily; data breach insurance is often a narrower first-party subset focused on notification and response, while Cyber Liability adds third-party defense and broader coverage like funds transfer fraud.
Is a cyber policy usually claims-made?
Yes — most cyber policies are written on a claims-made basis, so the incident must be reported during the policy period and the retroactive date determines how far back prior events are covered.
Will it pay a ransomware demand?
Generally yes, subject to a sublimit and the insurer's approval; the carrier's breach coach usually negotiates the ransom and coordinates payment where legally permitted.
Does it cover an employee tricked into wiring money?
Only if you carry the social engineering fraud endorsement — that specific exposure is often excluded or sublimited unless added on.

Sources cited

  1. Directors and officers (D&O) liability insuranceInternational Risk Management Institute (IRMI) (2024)

Need directors & officers (d&o) coverage?

Compare quotes from 10+ commercial insurance carriers in 5 minutes. Free, no contact info required.

Get My Quotes →

Disclosures

📘 Educational content only. Reviewed by licensed Property & Casualty insurance agent Jason Wootton (NPN 7694718). Not insurance advice, an individual recommendation, or a solicitation in any state. Insurance regulations vary by state. For specific coverage decisions, consult a licensed insurance agent in your state.
Advertiser disclosure. Get Business Coverage is a licensed insurance referral service. We may receive compensation when you click links to carrier partners or complete a quote. This compensation may impact how and where products appear on this page, but it does not influence our editorial content or research methodology.
An unhandled error has occurred. Reload 🗙