A spoofed email moved $77,000 in minutes. We got it back in 7 days.
Most Texas employers believe they're covered. Most aren't. Standard General Liability has silent gaps that leave your treasury, your data, and your reputation exposed when an incident actually occurs.
Coverage options are available to explore now — all policies require broker review before binding.
Transferred out of a client account via a spoofed vendor email. Without a Social Engineering endorsement, it would have been gone permanently.
What your current policy probably doesn't cover
General Liability was not written for the modern threat environment. These are the six gaps we find on almost every commercial account we audit.
Spoofed vendor emails, CEO impersonation, BEC scams. Standard GL calls these "voluntary" transfers and denies the claim.
Often uninsuredRevenue lost while systems are down, ransom negotiation costs, and restoration expenses — rarely covered by off-the-shelf endorsements.
UnderinsuredTexas law (Tex. Bus. & Com. Code §521) requires notification when personal data is breached. Forensic and legal costs add up fast.
Regulatory riskIf your vendor is breached and your client data leaks, the lawsuit comes to you — even if the breach wasn't in your systems.
Often excludedEmployees using AI tools and cloud platforms create new data residency and liability questions most policies were never designed to address.
Emerging gapA laptop leaving the building with client records triggers notification obligations under Texas law — even without a confirmed breach.
OverlookedA cyber audit, not a policy pitch
We read your current policy language before we recommend anything. Most brokers don't. Here's what we check on every engagement.
-
Social Engineering endorsement reviewDoes your policy explicitly cover voluntary wire transfers initiated by deception? Most don't — we verify this on every account.
-
Business interruption trigger analysisWhen does your BI coverage actually start? Many policies have waiting periods and exclusions that eliminate the claim entirely.
-
Third-party vendor contract alignmentWe cross-reference your coverage terms against your vendor contracts to close downstream liability gaps before they become claims.
-
Texas regulatory compliance checkTex. Bus. & Com. Code §521 notification obligations, and HIPAA exposure if you handle any health data.
-
Carrier response capability reviewWe only place coverage with carriers who have dedicated forensic, legal, and recovery response teams — not just reimbursement.
-
AI & cloud tool exposure mappingWe ask how your employees actually use AI and cloud tools, then assess whether your policy language covers the resulting exposure.
Schedule a 15-minute cyber audit
Bring your current declaration page. We'll tell you exactly where your gaps are — no obligation, no pressure, no sales pitch.
Book Your Audit →Built for employers who can't afford a gap
Every cyber risk profile is different. We work with organizations where a single incident could disrupt operations, trigger regulatory action, or end client relationships.
Law firms, accountants, consultants — you hold client data and wire transfers. Both are prime targets.
HIPAA obligations plus patient data means breaches carry regulatory fines on top of notification costs.
Shared systems across locations expand your attack surface. One breach can compromise every location.
Public records and critical infrastructure make local government a rising ransomware target.
Donor data and tight budgets make nonprofits high-value targets with low IT defenses — a dangerous combination.
Contractual cyber requirements from enterprise clients often exceed what standard policies provide.
Carrier Comparison · SMB Cyber
Chubb vs. Coalition vs. Cowbell: Choosing a Cyber Carrier for a Small Texas Business
For a lean Texas business — think roughly 15 employees and $2–5 million in revenue that accepts card payments (PCI DSS) and touches health information (HIPAA) — the right cyber carrier comes down less to the headline limit and more to how each one structures sublimits, incident response, and regulatory coverage. Here is how three carriers we frequently place stack up, and exactly what to scrutinize before you bind.
| Chubb | Coalition | Cowbell | |
|---|---|---|---|
| Model | Large, financially strong carrier (Cyber ERM / DigiTech ERM) with broad forms and a deep claims operation. | “Active Insurance” — pairs the policy with built-in security monitoring and real-time risk alerts. | “Adaptive” cyber built for SMBs, using continuous underwriting and its Cowbell Factors risk score. |
| Best fit | Businesses that want a blue-chip balance sheet and hands-on advisory behind the policy. | Businesses willing to act on real-time alerts and want fast, in-house breach response. | Smaller, leaner operations that want quick placement and ongoing risk scoring. |
| Incident response | Vetted vendor panel plus a dedicated Cyber Risk Advisor; complimentary loss-mitigation services in year one for businesses of 100 employees or fewer. | In-house Coalition Incident Response; forensics/IR generally carry no out-of-pocket cost, and many incidents for engaged policyholders resolve without eroding the limit. | Managed incident response with risk-engineering support and breach-preparedness services. |
| Security & underwriting | Underwriting risk measurement plus on-demand advisory on common small-business tech. | Continuous external scanning with alerts throughout the policy term. | Continuous underwriting and risk scoring across the whole policy lifecycle. |
| Where it stands out | Financial strength, breadth of coverage, and claims depth for more complex exposures. | Prevention plus rapid in-house response; retention can step down toward zero with claim-free years, and lower funds-transfer retentions apply when fraud is reported within 72 hours. | Speed and SMB-tailored pricing, with continuous visibility into your risk. |
Positioning reflects each carrier’s published product approach. It is not a statement of the specific terms in any policy — those are confirmed only in a quote and policy.
The sublimits that decide your real coverage
Two policies can share a $1 million limit and still protect you very differently, because the events most likely to hit a business like yours are usually sublimited — capped well below the full limit. Ask every carrier to show the sublimit next to the aggregate limit for: funds-transfer fraud & social engineering (a top SMB loss, and frequently sublimited), ransomware/extortion, regulatory defense & penalties, and PCI fines & assessments.
Incident response and response-time expectations
When something goes wrong, the difference between carriers is how quickly and completely they respond. Confirm how fast the breach hotline engages, whether the policy pays for a breach coach (legal), forensics, and credit/identity monitoring for affected individuals, and — critically — whether those response costs erode your limit. Coalition and Cowbell lean on managed/in-house response; Chubb uses a vetted panel coordinated by a Cyber Risk Advisor.
If you accept card payments (PCI DSS)
Not every cyber policy covers PCI fines and assessments the same way — some treat them as a covered regulatory matter, some apply a low sublimit (often in the $100k–$500k range), and some exclude them outright. That matters because card-network penalties can run $5,000–$100,000 per month. If you run e-commerce or store cardholder data, make PCI coverage and its sublimit an explicit question.
If you handle health information (HIPAA)
Regulatory-defense costs are covered under virtually every cyber policy that includes a regulatory provision, but whether a fine itself is payable depends on the penalty tier and your state’s insurability rules — lower-tier, remedial HIPAA penalties tend to be more insurable than higher-tier willful-neglect penalties. Confirm any HIPAA-specific sublimit. And know your Texas clock: you must notify affected Texans within 60 days of discovering a breach, and the Texas Attorney General within 30 days if 250 or more residents are affected (Tex. Bus. & Com. Code §521.053). If you also sponsor a health plan, see our group health coverage for how these obligations connect.
What drives your premium at $2–5M in revenue
For a business your size, premium is shaped by revenue and record volume, the sensitivity of your data (holding both card data and PHI raises exposure), your industry, your security controls (multi-factor authentication everywhere, endpoint detection, tested offline backups, email filtering, and staff training), your claims history, and the limit and retention you choose. Strong, verifiable controls can lower both your premium and your retention — and with carriers like Coalition and Cowbell, keep improving them over the policy term.
In 2025 the U.S. average data-breach cost hit a record $10.22 million, and healthcare led all industries at $7.42 million (IBM). Your numbers are smaller — but a single wire-fraud loss or PHI breach can erase a year’s profit.
Get a 15-Minute Coverage Review →
Educational only — not an offer of insurance or a quote. Carrier programs, coverage terms, sublimits, and availability vary by insurer, policy version, and state, and are confirmed only in a quote and policy. 4J Insurance Agency is an independent brokerage and is not affiliated with or endorsed by Chubb, Coalition, or Cowbell.
Sources: IBM Cost of a Data Breach 2025 · Chubb Cyber ERM · Coalition Active Cyber Insurance · Cowbell Adaptive Cyber · Tex. Bus. & Com. Code §521.053
What Texas employers ask us most
Straight answers — not policy boilerplate.
Find out if you're actually covered — before you need to be.
A 15-minute call with Deon is all it takes. Bring your current declarations page and we'll tell you exactly where your gaps are.
Schedule Your Cyber Audit →No obligation. No sales pitch. Veteran-owned and carrier-independent.
