Just like businesses insure against business problems, natural disasters, and physical risks, they need insurance coverage for cyber risks as well.
In 2018, Rob Ross lost $1 million dollars — almost his entire life savings — in about 20 minutes.
According to CNN Business, Rob was a victim of SIM hack which occurs when hackers take over a victim’s phone number by transferring it to a SIM card they control.
Sadly, Ross was not able to recover his money. “What happened to me can happen to anyone,” said Ross.
What is Cyber Insurance?
Cyber insurance is an insurance product designed to help businesses hedge against the potentially devastating effects of cybercrimes such as:
- Distributed denial-of-service (DDoS) attacks, or any other method used to compromise a network and sensitive data.
Also referred to as cyber risk insurance or cybersecurity insurance, these products are personalized to help a company mitigate specific risks.
What are the Benefits of Cyber Insurance?
Cyber liability insurance policies are tailored to meet your company’s specific needs and can offer many important benefits, including the following:
- Data Breach Coverage
- Loss of Income Reimbursement from Business Interruption
- Cyber Extortion Liability from Ransomware and similar Malware
- Forensic Support for Breach Investigation
- Legal Support for Costly Legal Fees
- Enhanced Supplemental Coverage Tailored for Your Business
Do You Need Cyber Insurance?
If you are a small to mid-sized business, you most likely do. As the number of applications, devices, etc. increases, an organization becomes more vulnerable to attacks – it isn’t about when it will happen, it’s about what you will do when it does. Just like businesses insure against business problems, natural disasters, and physical risks, they need insurance coverage for cyber risks as well.
If a costly breach occurs, your company may not have the resources on hand to combat these issues or recuperate losses. Cybersecurity insurance can provide support, so these attacks do not cripple your business.
How Does Cyber Hygiene Impact Insurance Coverage?
Cyber risk insurers analyze the strength of a company’s cybersecurity posture before issuing any policy. Level and quality of insurance coverage and access to enhanced coverage are affected by the following factors:
- If your business has not invested in suitable cybersecurity solutions, then you may not qualify for insurance, or it could be limited and expensive.
- Insurance companies today are focused on a company’s ability to prevent, mitigate, and respond to ransomware attacks.
- The ability to obtain coverage is increasingly dependent on cyber hygiene.
Here is a snapshot of the most critical items today that insurance companies often want you to have:
- Remote access to network
- Remote access to email
- Privileged user access
- Encrypted backups
- Device trust
Data Backup & Recovery
- Regularly scheduled
- Tested restoration
- Encrypted & separate from network (offline/air-gapped)
- Incident response & Disaster recovery planning
Other controls of concern:
- Patching cadence
- Endpoint Detection & Response tool implemented
- Employee training
- Email filtering & validation process
- Privileged account management
- (PAM) software
These practices go into a strong security strategy that insurance companies are looking for. To decide what coverage is necessary, cyber liability insurers calculate costs based on a variety of risk factors. Often among them are industry, data coverage and, most importantly, the security measures already in place. These providers want to ensure the clients are taking fundamental safety measures to protect their systems and users.
- THINGS YOU KNOW: A password (aka "Knowledge") or pin
- THINGS YOU HAVE: A security token (aka "Possession"), a badge or smartphone
- THINGS YOU ARE: Some type of biometric verification (aka "Being") like fingerprints, facial or voice recognition
Why GAM Tech?
Learn more on how our Managed IT Services and Support help your business grow!