Your tech company just crossed $25 million in revenue. Congratulations—you’re also now exposed to $10 million in potential liability from a single software glitch or data breach. Resilience announced expanded Technology Errors & Omissions (Tech E&O) insurance on October 17, 2025, targeting exactly this scenario—mid-sized and larger tech firms that outgrew basic coverage but face escalating AI and cyber risks.
The expansion matters because it combines two historically separate insurance products into one policy: cyber liability and operational technology risk. If your company develops software, manages customer data, or deploys AI systems, you’re now eligible for coverage that didn’t exist at this scale a year ago.
Who qualifies? U.S. companies with annual revenue above $25 million, UK firms above £50 million, and EU businesses above €25 million. Coverage extends up to $10 million through a Lloyd’s coverholder agreement, meaning the financial backing is solid and the geographic reach is global.
Why Tech Companies Above $25M Revenue Face Different Risks
Revenue size changes everything in technology insurance. Below $25 million, you’re dealing with standard business liability. Above that threshold, three things happen simultaneously:
- Customer contracts get bigger and demand higher liability limits. Enterprise clients routinely require $5-10 million in E&O coverage before signing agreements, especially for mission-critical software or data handling.
- Product complexity increases. Mid-sized tech firms typically operate multiple products, integrate third-party APIs, and handle larger data volumes—each adding potential failure points.
- Regulatory scrutiny intensifies. Companies at this scale attract attention from state attorneys general, FTC enforcement actions, and data protection authorities in multiple jurisdictions.
Traditional general liability insurance doesn’t cover these exposures. You need specialized protection.
Resilience’s expanded offering addresses this gap by blending cyber and technology operational risks into a single policy. Instead of juggling separate cyber liability and E&O policies with potentially conflicting coverage terms, you get unified protection against:
| Risk Category | Coverage Examples |
|---|---|
| Professional Negligence | Software bugs causing client financial losses, failed implementations |
| Data Integrity Issues | Database corruption, incorrect AI model outputs, data accuracy failures |
| Service Disruptions | System downtime exceeding SLA commitments, API failures affecting clients |
| Cyber Events | Ransomware attacks, data breaches, network security failures |
The $10M Coverage Limit: What It Actually Protects
Ten million dollars sounds substantial. But consider what it needs to cover when something goes wrong:
Legal defense costs alone in a data breach lawsuit can hit $2-3 million before trial. Add settlement payments, regulatory fines, customer notification expenses, and credit monitoring services—you’re looking at $5-7 million for a mid-sized incident affecting 100,000 records.
The expanded coverage isn’t just about higher dollar amounts. It’s structured to handle the specific ways technology companies get sued today, particularly around AI and automated systems.
Three scenarios drive most Tech E&O claims at this revenue level:
- AI model failures causing financial harm. Your recommendation engine steers a client toward poor investment decisions. Their losses: $4 million. Your liability: defense costs plus damages.
- Software defects disrupting critical operations. Your SaaS platform goes down for 36 hours during your client’s peak season. They lose $2 million in sales and sue for breach of contract and negligence.
- Data confidentiality breaches. Your system inadvertently exposes proprietary customer data to competitors. Multiple clients sue simultaneously for economic damages.
Without adequate E&O coverage, defending even one of these claims could consume your operating cash and force layoffs or emergency financing.
Lloyd’s Backing: Why the Partner Matters
Resilience isn’t underwriting this coverage alone. The policy operates through a Lloyd’s of London coverholder agreement, which matters for two practical reasons.
First, financial strength. Lloyd’s maintains an A (Excellent) rating from A.M. Best and provides a central fund backing all syndicates. When you file a $10 million claim, you’re not relying solely on a single insurer’s balance sheet—you’re accessing Lloyd’s collective market capacity of roughly £50 billion.
Second, global claims handling. Tech companies above $25 million typically operate internationally. If your EU subsidiary faces a GDPR enforcement action while your U.S. parent deals with an FTC investigation, Lloyd’s infrastructure handles multi-jurisdiction claims coordination that smaller insurers struggle to manage.
The coverholder structure also allows Resilience to customize policy terms faster than traditional insurance models. When new technology risks emerge—like recent concerns about AI hallucinations causing professional errors—coverholders can adapt coverage language within weeks rather than waiting for annual policy form updates.
Geographic Expansion: Why Revenue Thresholds Differ by Region
Notice the eligibility requirements vary by geography: $25 million in the U.S., £50 million in the UK, €25 million in the EU. These aren’t arbitrary numbers—they reflect different legal and market conditions.
U.S. litigation costs run higher than European equivalents. American companies face class action lawsuits, aggressive discovery processes, and jury trials that can produce eight-figure verdicts. UK and EU companies operate under different legal frameworks with lower settlement patterns but stricter regulatory oversight.
The £50 million UK threshold (approximately $63 million USD) accounts for Britain’s smaller tech market and different liability environment. Companies hitting that revenue mark in the UK typically have operational complexity and international exposure similar to $25 million U.S. firms.
EU companies at €25 million face significant GDPR compliance obligations and potential fines up to 4% of global revenue, creating liability exposure comparable to larger U.S. counterparts.
If your company operates in multiple regions, you qualify based on where you’re domiciled and where the majority of revenue originates. A U.S. company with $30 million in revenue and an EU subsidiary qualifies. A UK-only firm with £40 million doesn’t—yet.
Should Your Tech Company Buy This Coverage Now?
Three factors determine whether you need expanded Tech E&O insurance immediately:
Your current coverage limits. Pull your existing E&O and cyber liability policies. Add up the aggregate limits. If the total falls below $5 million and you’re handling sensitive data or mission-critical systems, you’re underinsured relative to potential exposure.
Your contract requirements. Review your top 10 customer contracts. What liability limits do they require? If multiple contracts demand $5-10 million in coverage and your current policy maxes out at $2 million, you can’t legally fulfill those agreements.
Your growth trajectory. Companies approaching the $25 million revenue threshold should secure expanded coverage before crossing it. Insurance underwriting gets more complex as you scale, and pre-existing issues can make coverage harder to obtain. Lock in coverage while your risk profile is clean.
Pricing varies based on your specific technology stack, customer concentration, and claims history. But expect annual premiums in the $15,000-40,000 range for $5 million in coverage, scaling up to $40,000-80,000 for the full $10 million limit.
That’s expensive. But compare it to defending a single lawsuit without coverage: $150,000-300,000 in legal fees before you reach a settlement.
What Makes This Different From Standard E&O Policies
Traditional Errors & Omissions insurance was designed for professional services—architects, consultants, accountants. It covers negligence in delivering those services but wasn’t built for technology-specific risks.
Resilience’s Tech E&O product handles scenarios standard E&O policies exclude:
- Third-party code and open-source vulnerabilities that create security exposures in your product, even though you didn’t write the flawed code.
- AI and machine learning model errors where the algorithm produces incorrect outputs despite proper implementation.
- Cloud infrastructure failures where your service disruption stems from your hosting provider’s outage but you’re still liable to customers.
- Data integrity claims where information accuracy issues cause financial harm, even without a privacy breach or cyberattack.
The blended structure means a single incident triggering both E&O and cyber liability doesn’t require you to navigate which policy responds. When a ransomware attack forces you to take systems offline and causes client business interruption, you’re not arguing with two different insurers about coverage allocation.
The AI Risk Factor Nobody’s Talking About
Buried in the coverage expansion is something critical: explicit protection for AI-related operational failures.
As companies integrate AI into products and services, they’re creating novel liability exposures that traditional insurance wasn’t designed to cover. An AI model that provides incorrect medical information, faulty financial advice, or discriminatory hiring recommendations creates professional liability—but it’s not human negligence in the traditional sense.
Early AI liability cases are starting to work through courts now. Companies are being sued for:
- AI systems that make discriminatory decisions in lending, hiring, or pricing
- Recommendation algorithms that cause financial losses
- Automated content moderation that wrongly removes legitimate business content
- AI-generated code that introduces security vulnerabilities
Standard E&O policies often have ambiguous language around automated decision-making. Resilience’s expanded coverage explicitly addresses “technology-related errors or omissions,” which includes AI model failures.
If you’re deploying AI in any customer-facing capacity, this coverage isn’t optional—it’s essential. The first major AI liability verdict could easily hit eight figures, and you don’t want to be the test case for whether your existing policy responds.
Frequently Asked Questions
What’s the difference between Tech E&O and cyber liability insurance?
Tech E&O covers professional negligence in delivering technology services—think software bugs, failed implementations, or incorrect data processing that causes financial harm. Cyber liability covers security breaches and privacy violations—think ransomware, data breaches, or network intrusions. Resilience’s expanded policy combines both into one coverage form, eliminating gaps where an incident might trigger both types of claims.
Do I need $10 million in coverage if my largest client contract only requires $5 million?
Contract requirements set your minimum, but actual exposure determines what you need. Consider aggregate exposure: if you have 20 significant clients, a systemic product defect could trigger multiple simultaneous claims. Legal defense costs also erode your coverage limit before any settlements. Many companies buy 1.5-2x their largest contractual requirement to maintain adequate protection after defense costs.
Can I get this coverage if my company is below the $25M revenue threshold?
Resilience’s 2024 product launch included coverage for smaller companies, though specific eligibility wasn’t detailed in the expansion announcement. Contact Resilience directly or work with an insurance broker specializing in technology E&O to explore options for sub-$25M companies. Other carriers also offer Tech E&O at lower revenue levels, though with different policy structures and limits.
How long does underwriting take for this type of policy?
Expect 2-4 weeks for full underwriting at these coverage levels. Insurers will review your technology stack, security controls, customer contracts, claims history, and financial statements. Companies with clean records and strong cybersecurity practices can sometimes get conditional approval in 7-10 days, with final binding following document review. Start the process 60 days before you need coverage to avoid gaps.
Does this coverage include defense costs within or outside the policy limit?
Most Tech E&O policies, including typical Lloyd’s-backed coverage, include defense costs within the aggregate limit (called “eroding limits”). This means a $10 million policy that spends $2 million on legal defense only has $8 million left for settlements or judgments. Some policies offer defense costs in addition to limits at higher premium costs. Always clarify this in your policy review—it significantly impacts actual protection.
Bottom Line
Resilience’s expansion into $10 million Tech E&O coverage for companies above $25 million in revenue addresses a real market gap. Mid-sized technology firms face enterprise-level liability exposure without access to enterprise-level insurance solutions.
The blended cyber and E&O structure makes sense. Technology failures rarely fall cleanly into one category or the other. Combining coverage eliminates disputes about which policy responds and gives you unified protection against your actual operational risks.
If your company meets the revenue thresholds and handles customer data, delivers software products, or deploys AI systems, review your current coverage. Compare your policy limits against your largest contracts and realistic loss scenarios. Ten million in coverage sounds generous until you’re defending your company against multiple simultaneous claims.
The expanded offering went live in October 2025. Companies should evaluate eligibility now, before the next major cybersecurity incident or product failure drives premiums up across the market.