While the Cyber Insurance market is on the increase the Cyber Security Breaches Survey states that only 43% of businesses have any sort of cover, leaving 57% of organisations hoping for the best.
While organisations are using cyber insurance it has to be noted that the organisation has the responsibility to ensure they have the technical capabilities to do everything to protect themselves.
The cyber insurance policies can only provide financial protection in addition to helping with any legal and regulatory actions after an incident.
As the demand is naturally going to increase so the cyber insurance providers are being more diligent, introducing detailed checks on the cybersecurity capabilities of their prospects.
There are other barriers to consider, as the costs are up.
A report from the broker Marsh states that 90% of clients saw a rise in cyber insurance pricing during Jan – June 2022.
If your organisation is thinking of cyber insurance then here are some tips you could utilise as the start of a framework to develop:
Know What You Have Now
Your organisation may already have cyber insurance in existing policies, as it could be captured under business interruption insurance.
Take the time to check your current cover and take advice from a specialist insurer or broker.
Understand The Risk
Know the extent of the cyber insurance coverages your organisation needs and the budget you want to work with.
You must identify the critical aspects of your organisation that need protecting the most but also those potential situations that must never take place.
Don’t just meet the minimal requirements of your cyber-security insurance, as you could leave your main assests exposed.
What data do you have, maintain and use within your operations and is it classed as being sensitive? (See Information Commissioner’s Office)
Get Your House In Order
Questions will be asked about your set up, touching on encryption and who has access etc. You will need to have detailed responses to help insurers have confidence in your operation.
The danger of not doing this is that some insurers might decide not to take you on.
On the flip side, discounts could be available for organisations that have recognised cyber security defences in place, i.e., like those certified by Cyber Essentials, or Cyber Essentials Plus.
This can reduce costs but it also demonstrates to customers, partners and suppliers cyber security is being taken seriously within your organisation.
Organisations with Cyber Essentials might obtain cyber liability insurance as part of this certification.
It won’t meet everyones requirements so it is important to check first.
If you have any questions about this type of cyber insurance, please refer to the information published by IASME.
Carry Out Research
You will find insurance differs with the risk you want to cover.
First-party relates to internal costs related to a data breach while Third-party will cover you for potential external costs, i.e. customers who also experience damage.
It is also important to include all relevant personnel in the process, as there will be specific legal, technical and process knowledge that will be required to ensure you obtain the right cover.
Use A Robust Procurement Process
When you know what you want make contact with a number of different insurance brokers and request a proposal.
Follow the same process for each one and scrutinise the small print and watch out for exclusions, deductibles, or conditions that you didn’t expect.
Your requirements will continue to change over time so it is important that you make sure your cover continues to meet your needs.
It is also important to keep revisiting the marketplace to make sure your supplier remains competitive.
Be aware that cyber attacks are constantly developing and becoming more difficult to defend against.
A new threat might not have existed when a policy was originally taken out so it is important to keep your cyber insurance up to date.
Always check with your broker to make sure there are no gaps in your cover.
We hope that these simple points help you to make a start.
Want the ASSURANCE of GUARANTEED cost reductions?
Contact us HERE for a FREE month’s trial.
Data source: National Cyber Security Centre