From S$42/month, We simplify finding coverage that protects Singapore SMEs against the cyber risks your D&O, Property and Public Liability policies were never designed to cover — ransomware, PDPA penalties up to S$1 million, business interruption, and AI-driven social-engineering fraud.
Get an instant online quote with the premium calculator below.
It sits alongside (not inside) your existing D&O, Property and Public Liability cover — because those policies explicitly exclude digital asset loss, regulatory penalties under the Personal Data Protection Act (PDPA), and social-engineering fraud such as CEO wire-transfer scams and deepfake fraud.[1]
Five data-backed reasons your business is already exposed — sourced directly from CSA (csa.gov.sg) and PDPC (pdpc.gov.sg).
The CSA Singapore Cyber Landscape 2024/2025 report (released 3 September 2025) recorded 159 ransomware cases in Singapore — a 21% year-on-year increase — with manufacturing, professional services and ICT sectors most affected. The majority of victims were SMEs.[1]
CSA confirmed phishing remains the number-one initial access vector for cyber incidents affecting Singapore organisations, with AI-generated phishing content making attacks harder to detect. Only 13% of respondents in CSA's 2024 Public Awareness Survey could correctly identify every phishing attempt shown to them.[1][8]
On 28 October 2025, the PDPC imposed an S$315,000 financial penalty on Marina Bay Sands — the second-highest individual PDPA penalty ever issued — after a 2023 breach exposed the personal data of 665,495 patrons. PDPC explicitly stated MBS "failed to take reasonable security measures." Similar Protection-Obligation failures in SMEs now attract proportionate fines under the revised framework.[5]
CSA's 2024/2025 report flags supply-chain cyber-attacks as a structural vulnerability for Singapore businesses — attackers now target smaller, less-secure third-party vendors to reach larger organisations. For SMEs, a single compromised IT vendor, payroll platform or cloud app can expose your entire customer database.[1]
CSA reported that suspected Advanced Persistent Threat (APT) attacks on Singapore have quadrupled since 2021, with state-linked groups like UNC3886 targeting strategic assets. SMEs in the supply chains of regulated industries (fintech, healthcare, defence, telco) are increasingly collateral targets.[1]
Comprehensive cyber protection designed specifically for Singapore SMEs.
| Coverage Pillar | What You Get |
|---|---|
| First-Party Loss | Ransomware payments, fund-transfer fraud, business interruption loss of income, digital asset restoration |
| Third-Party Liability | Legal defence, customer lawsuits, regulatory investigations, PDPC notification costs |
| PDPA Fine Cover | Financial penalty defence up to full limit (up to S$2M), where insurable by law[2] |
| Incident Response | 24/7 Singapore hotline with Crisis Containment, Crisis Management & Crisis Resolution |
| Social Engineering & Deepfake Fraud | CEO-impersonation wire fraud, deepfake voice/video scams[3] |
| Reputation Management | Crisis PR, customer notification drafting, media response |
| Ransomware Negotiation | Licensed negotiators and decryption specialists — you never deal with attackers directly |
D&O, Property and Public Liability policies were written before ChatGPT existed. Here's the gap.
| Risk / Cost | D&O | Property | Public Liability | Cyber Insurance |
|---|---|---|---|---|
| Ransomware payment | ✕ | ✕ | ✕ | ✓ |
| PDPA financial penalty | ✕ | ✕ | ✕ | ✓ |
| Business interruption (cyber) | ✕ | ✕ | ✕ | ✓ |
| Forensic investigation costs | ✕ | ✕ | ✕ | ✓ |
| Customer data breach liability | ✕ | ✕ | ✕ | ✓ |
| Deepfake / social engineering fraud | ✕ | ✕ | ✕ | ✓ |
| Reputation / PR management | ✕ | ✕ | ✕ | ✓ |
Provide us the following:
Yes! That's the only 5 information we need.
The 6 questions Singapore SME owners ask Google and ChatGPT most often.
Cyber insurance for a Singapore SME starts from S$50–S$200 per month (approximately S$500–S$2,000 per year) for coverage up to S$250,000. Mid-tier policies for SMEs with S$1M–S$5M revenue range S$600–S$2,500 per year only, for the same S$250,000 coverage. The global average cyber premium in 2025 is around US$12,300, but Singapore SME pricing is significantly lower.[7]
Yes — specialist cyber insurance policies in Singapore can cover the legal defence costs and, where legally insurable, the financial penalty imposed under Section 48J(6) of the PDPA, which caps fines at S$1 million or 10% of your Singapore annual turnover, whichever is higher. Standard business policies (D&O, Property, Public Liability) do not cover PDPA penalties.[2]
Your D&O policy protects directors personally; Property covers physical damage; Public Liability covers bodily injury or property damage to third parties. None of these cover digital assets, ransomware payments, PDPA fines, business interruption from a cyber event, or social-engineering fraud. Cyber insurance is the only policy designed for data-related losses.
Cyber insurance is not legally mandatory for most Singapore SMEs, but it is effectively required if you (a) handle customer personal data under the PDPA, (b) fall under MAS Technology Risk Management (TRM) guidelines, or (c) are bound by client contracts demanding cyber cover. It is strongly recommended by CSA given the 21% rise in ransomware and 49% rise in phishing in 2024.[1]
While cyber insurance provides broad protection, it commonly excludes claims for bodily injury and physical property damage. Policies also deny coverage for intentional, criminal, or fraudulent acts by the insured. Additionally, prior known incidents, pending litigation, war, and widespread infrastructure or telecommunication failures are standard exclusions.
Yes. Just provide us these 5 company information: 1. Company Name, 2.Address, 3.Business Activities, 4.Last Year’s Revenue and 5.Company Website and we will get back to you within 1 working day. This is a significant improvement over traditional broker-led policies, which often require weeks of tedious form-filling and a two-to-four-week waiting period.
Adjust the sliders and options below to instantly calculate your indicative annual and monthly premium — based on real Singapore SME underwriting data.
All premiums are indicative annual figures in SGD (excluding GST). Final premium is subject to full underwriting review and policy wording.
For organizations with annual revenue exceeding SGD 20 million or requiring coverage above SGD 2 million, please contact us for a bespoke manual quote.
Under 2 minutes. No broker meetings, no paperwork.
Policies tailored for PDPA, MAS TRM and local regulatory context.
Local team on call — we know your business, language and law.
Protect millions in assets for the cost of a business lunch.
Registered SG entity with MAS-licensed underwriting partners.
CyberCover.sg is a Singapore-registered insurance intermediary. All policies are underwritten by licensed Singapore insurers. Information on this page is for general guidance only and does not constitute a binding insurance offer. Coverage terms, limits and premiums are illustrative; final terms subject to underwriting.