QBE Cyber Insurance Review NZ 2025 | Coverage, Cost, Claims

Q: What security controls does QBE typically expect before binding cover?

QBE's underwriting questions consistently focus on: multi-factor authentication on email and remote access, tested offline/offsite backups, endpoint protection, an enabled firewall, a published patching cadence, and employee security awareness training. Stronger controls generally improve the cover available and the price.

Company Overview

QBE Insurance Group, founded in 1886, has grown to become one of the world's top 20 general insurance and reinsurance companies. With a strong presence in New Zealand, QBE combines international expertise with deep local market knowledge to provide comprehensive cyber insurance solutions for businesses of all sizes.

The company's approach to cyber insurance is characterized by its focus on risk prevention and incident response, backed by decades of insurance expertise and a robust understanding of the evolving cyber threat landscape. QBE's New Zealand operations are supported by a global network of cyber security experts and resources.

Ready to protect your business?

Stewart Hunt at FCIB (FSP748591) frames your risk and approaches QBE — typically a one-business-day response.

Compare Quotes Now

Cyber Insurance Coverage

Core Protection Features

✓
First-Party Coverage
Protection for your business's direct losses from cyber incidents
✓
Third-Party Coverage
Protection against claims made by others due to your cyber incident
✓
Cyber Crime
Coverage for financial losses from cyber fraud and social engineering
✓
Business Interruption
Compensation for lost income during system outages

Additional Coverage Options

✓
Reputational Harm
Coverage for loss of income due to reputational damage following a cyber incident
✓
System Failure
Protection against system failures not caused by cyber attacks
✓
Contingent Business Interruption
Coverage for losses due to system failures at key vendors or suppliers

Risk Management Services

Prevention Services

• Security awareness training
• Vulnerability assessments
• Penetration testing
• Risk assessment tools

Incident Response

• 24/7 incident reporting
• Forensic investigation
• Legal support services
• Crisis management

Industry-Specific Solutions

Professional Services

Tailored coverage for law firms, accounting practices, and consultancies.

• Professional liability integration
• Client data protection
• Regulatory compliance support

Retail and Hospitality

Comprehensive protection for retail businesses and hospitality providers.

• PCI compliance coverage
• Point-of-sale protection
• Customer data security

Manufacturing

Specialized coverage for manufacturing and industrial businesses.

• Industrial control system protection
• Supply chain cyber risk
• Operational technology coverage

Claims Process

Streamlined Claims Handling

QBE's claims process is designed to provide rapid response and efficient resolution of cyber incidents, with a focus on minimizing business disruption and financial impact.

Claims Process Steps

1. Initial incident reporting
2. Immediate response activation
3. Expert team deployment
4. Claim resolution and recovery

Support Services

• Dedicated claims handler
• Technical investigation team
• Legal advisory services
• Recovery assistance

QBE pricing

QBE cyber premiums are quote-dependent. We don't publish dollar ranges on this page because real numbers depend on revenue, sector, the security controls you have in place (MFA, tested backups, EDR, patching cadence), claims history, and the specific cover requested.

What's worth knowing about QBE's pricing model: QBE's NZ cyber product is often written alongside their existing commercial-lines book, so it can be cost-effective if QBE already holds your other cover. Stronger controls — MFA on email and remote access, tested offline backups, EDR, an incident response plan — generally improve both the cover available and the price.

Get a QBE quote →

How QBE compares

We don't publish a side-by-side price table on this page because making one would require fabricating numbers — real cyber premiums are quote-dependent and not directly comparable without your application data.

What's directionally true based on each insurer's published wording: QBE's NZ cyber product is often written alongside their existing commercial-lines book, so it's a reasonable choice if QBE already holds your other cover. AIG's CyberEdge is widely written for mid-sized to large NZ businesses with regulated-industry exposure. Delta is NZ-owned and runs locally-based incident response. NZI, Zurich, and Dual New Zealand are also on FCIB's wider cyber panel and may be the right fit for specific sectors. The right insurer for you depends on your sector, controls, and the specific cover triggers that matter for your business.

Step-by-Step Claims Process

Immediate Incident Reporting (Within 24 Hours)

Contact QBE's 24/7 cyber incident hotline: QBE NZ Cyber Hotline

Provide incident details and policy number
Describe the nature of the cyber event
Receive immediate case number and assigned claims handler

Initial Assessment (24-48 Hours)

QBE's cyber response team conducts preliminary assessment:

Coverage verification and policy review
Deployment of approved incident response vendors
Forensic investigation authorization
Communication with legal and PR teams if needed

Incident Response & Containment (Week 1-2)

Active management and mitigation of the cyber incident:

Forensic analysis to determine breach scope
System containment and security patching
Data recovery and system restoration
Notification to affected parties (if required)

Claims Settlement (Week 2-6)

Financial resolution and recovery support:

Review and approval of incident response costs
Business interruption loss calculation
Settlement of covered expenses
Post-incident risk management recommendations

Average settlement time: 4-6 weeks from initial claim

Frequently Asked Questions

How much does QBE cyber insurance cost in New Zealand?

Cyber premiums are quote-dependent. We don't publish QBE dollar ranges on this page because real numbers depend on revenue, sector, the security controls you have in place (MFA, tested backups, EDR, patching cadence), claims history, and the specific cover requested. Submit a quote and Stewart Hunt at FCIB will frame your risk profile and approach QBE for actual numbers.

What does QBE cyber insurance typically cover?

QBE's cyber wording covers two broad categories: first-party costs (forensic investigation, data recovery, business interruption, ransomware response, customer notification, credit monitoring, PR/crisis management) and third-party liability (privacy-breach claims, regulatory action, PCI-DSS-related penalties). Sublimits, exclusions and waiting periods sit inside the policy schedule — read the actual wording for what's covered for your business.

Does QBE cover ransomware payments?

QBE's cyber wording does include ransomware/extortion cover, with sublimits depending on the policy tier. Sanctions screening applies to any payment, and QBE must be notified before any payment is made. The decision to pay vs not pay is made with legal counsel — the insurer does not direct you either way. Read the policy schedule for limits and exclusions.

What security controls does QBE typically expect before binding cover?

QBE's underwriting questions consistently focus on multi-factor authentication on email and remote access, tested offline/offsite backups, endpoint protection, an enabled firewall, a published patching cadence, and employee security awareness training. Stronger controls generally improve the cover available and the price.

Can I get QBE cyber insurance if I've been breached before?

Maybe — it depends on how recent the incident was, whether root-cause vulnerabilities have been remediated, and whether litigation or a regulatory investigation is still active. Be upfront on the application: non-disclosure of a prior incident is one of the fastest ways to have a future claim declined.