Cyber Insurance – 57% Companies Exposed

Cyber Insurance

While the Cyber Insurance market is on the increase the Cyber Security Breaches Survey states that only 43% of businesses have any sort of cover, leaving 57% of organisations hoping for the best.

While organisations are using cyber insurance it has to be noted that the organisation has the responsibility to ensure they have the technical capabilities to do everything to protect themselves.

The cyber insurance policies can only provide financial protection in addition to helping with any legal and regulatory actions after an incident.

As the demand is naturally going to increase so the cyber insurance providers are being more diligent, introducing detailed checks on the cybersecurity capabilities of their prospects.

There are other barriers to consider, as the costs are up.

A report from the broker Marsh states that 90% of clients saw a rise in cyber insurance pricing during Jan – June 2022.

If your organisation is thinking of cyber insurance then here are some tips you could utilise as the start of a framework to develop:

Know What You Have Now

Your organisation may already have cyber insurance in existing policies, as it could be captured under business interruption insurance.

Take the time to check your current cover and take advice from a specialist insurer or broker.

Understand The Risk

Know the extent of the cyber insurance coverages your organisation needs and the budget you want to work with.

You must identify the critical aspects of your organisation that need protecting the most but also those potential situations that must never take place.

Don’t just meet the minimal requirements of your cyber-security insurance, as you could leave your main assests exposed.

What data do you have, maintain and use within your operations and is it classed as being sensitive? (See Information Commissioner’s Office)

Get Your House In Order

Questions will be asked about your set up, touching on encryption and who has access etc. You will need to have detailed responses to help insurers have confidence in your operation.

The danger of not doing this is that some insurers might decide not to take you on.

On the flip side, discounts could be available for organisations that have recognised cyber security defences in place, i.e., like those certified by Cyber Essentials, or Cyber Essentials Plus.

This can reduce costs but it also demonstrates to customers, partners and suppliers cyber security is being taken seriously within your organisation.

Organisations with Cyber Essentials might obtain cyber liability insurance as part of this certification.

It won’t meet everyones requirements so it is important to check first.

If you have any questions about this type of cyber insurance, please refer to the information published by IASME.

Carry Out Research

You will find insurance differs with the risk you want to cover.

First-party relates to internal costs related to a data breach while Third-party will cover you for potential external costs, i.e. customers who also experience damage.

It is also important to include all relevant personnel in the process, as there will be specific legal, technical and process knowledge that will be required to ensure you obtain the right cover.

Use A Robust Procurement Process

When you know what you want make contact with a number of different insurance brokers and request a proposal.

Follow the same process for each one and scrutinise the small print and watch out for exclusions, deductibles, or conditions that you didn’t expect.

Regular Reviews

Your requirements will continue to change over time so it is important that you make sure your cover continues to meet your needs.

It is also important to keep revisiting the marketplace to make sure your supplier remains competitive.

Be aware that cyber attacks are constantly developing and becoming more difficult to defend against.

A new threat might not have existed when a policy was originally taken out so it is important to keep your cyber insurance up to date.

Always check with your broker to make sure there are no gaps in your cover.

We hope that these simple points help you to make a start.

P.S.

Want the ASSURANCE of GUARANTEED cost reductions?

Data source: National Cyber Security Centre

Contract Management – 8 Critical Points For Success

Contract Management - A Definition Contract management is the process of overseeing and administering the various stages of a contract, from creation to execution and beyond. It involves ensuring that all parties involved fulfil their obligations and that the...

Disaster Recovery Plan – 13 Critical Steps You Cannot Avoid

Disaster Recovery Plan - A Definition A disaster recovery plan is a documented and strategic approach that organisations follow to restore normal operations after a natural or man-made disaster. I can also be described as a business continuity plan and it...

Maverick Spend – Discover 7 Top Tips & Reap The Benefits

Maverick spending, also known as rogue spending or maverick buying, is a term used to describe purchases made within an organisation that do not comply with established procurement policies and processes. While it is not always the case these transactions are usually...

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.