Over the last few years, cybersecurity has been a subject of interest not only to organizations, but also to entire countries around the world. This was also the case for the insurance services, which has begun to make offers to many cyber-security organizations. This article focuses on the design of a methodology for expressing potential financial damages that may occur in the implementation of a cybernetic threat. Here are the defined parameters of the organization that can then determine the possible financial impact and also the optimal level of insurance coverage. Here is also the suggested possible future use of this methodology.