WE HAVE A LOT TO SAY

IT SOFTWARE APPS CLOUD NEWS EVENTS

 

 

insider threats

Does My Business Need Cyber Insurance?

All it takes is a quick glance at the news headlines to see that cybersecurity incidents are on the rise at an alarming rate. Companies are rushing to protect themselves through an extremely fast-growing market that seems to have come out of nowhere – cyber insurance. But just what is cyber insurance, and do you really need it? For some organizations, it can be a great complement to their existing security controls and procedures. For others, it could be nothing more than a waste of money on premium payments. Keep reading to learn more about what cyber insurance is, what it covers, and whether you should buy it for your business.

 

Just as the name implies, cyber insurance exists to help transfer the risks of cybersecurity attacks such as security breaches, data loss, cyber extortion, and other data related incidents. However, this type of insurance is relatively new having only been around for about 20 years. Because of this and the frequently changing nature of the cyberthreats, many questions still exist about just what this type of insurance will cover. Most providers who offer this product will customize their offering to meet the needs of your business. For example, your company may be more concerned about virus liability than a data breach, so most insurers will allow you to customize your policy and add various enhancements to meet your specific needs.

 

The first step in determining whether cyber insurance may be a practical expense for your organization is to perform a self-assessment of your level of exposure to cybersecurity incidents. You can tap the insurance provider and leverage their expertise in this task. Go ahead and complete an application for insurance. Even if you do not end up buying a policy, the application itself can help you assess questions you might have not considered otherwise. 

 

If your organization stores customer data or does most of its business online, for example, through Amazon Web Services or another cloud provider, then you should strongly consider buying a policy. Remember that even if you outsource your data handling, you would still be liable for a breach if it occurs. 

 

Next, you should assess your potential liability should a breach occur so that you can determine the proper amount of coverage. Data breaches today are becoming more and more expensive, so this is a critical step to ensure you have enough coverage. Cyber insurance premiums typically range between $7,000 – $35,000 per million in coverage depending on the risk profile of your business. While this might seem expensive, it can significantly reduce your financial burden should you ever get compromised.

 

As you evaluate coverage options, there are also a couple of considerations that you should keep in mind. The first is that a cyber insurance policy is not a replacement for proper security setup, controls, and governance. Just like health and life insurances are not a viable substitute for a healthy lifestyle, a cyber insurance is just that – insurance in the case Plan A doesn’t work out. It should not be used instead of a security plan. In fact, you may even be denied coverage or forced to pay extremely high premiums if you do not already have proper security controls and processes in place. You will be required to explain your existing processes as part of the application process.

 

Another consideration is that you could be denied coverage in the future based on the specifics on an incident, particularly if it could have been avoided by actions on your part. For example, if a data breach occurs and that breach could have been prevented by the practice of multi-factor authentication, then your claim could be denied because you did not take proper action to secure your data. At the very least, you should be aware that these types of policies are still very immature, and litigation is just the beginning that will eventually shape the future of this type of coverage and liability limits.

 

Cyber insurance is an emerging market, and if your organization regularly houses intellectual property or customer data, then you should consider applying for a policy. Knowing specifically the type of coverage you need and the amount of coverage you require will go a long way toward getting you the best deal on coverage. Simply going through the process of applying for coverage will force you to assess your current security controls, and it could allow you to uncover some gaps that you migh have not identified otherwise. For this reason alone, it is a great idea to apply for coverage, even if only in the spirit of research at first. Cyber insurance insurance can be a great complement to your existing security measures and a smart investment in your peace of mind.

 

Have questions about cyber insurance or looking for an unbiased opinion befor you apply? Contact the 3nom expert today for a free consultation

 

 

Improve Your Productivity

Subscribe to learn more