Make no mistake, the potential damage and monetary loss suffered by your business as a result of a cyber attack is astronomical.
In Canada alone, losses due to cyber crime total at more than $3 billion a year (that’s 17% of our GDP, for reference’s sake).
On an individual level, a devastating cyber attack is known to cost a business $5 million on average. Those are some scary statistics, to be sure.
What You Can Do to Protect Your Business Against Cyber Crimes?
While there are many preventative measures you can take to protect yourself against a potential cyber attack, the fact is there is only so much you can do.
There is a strong likelihood that your business (especially if it deals with Personally Identifiable Information (PII), Protected Health Information (PHI) or Payment Card Information (PCI)) will be the target of a cyber attack at least once a year.
The answer to the above question then, in short, is that having strong cyber security measures in place is the best defense against a cyber attack. Although it’s still not an absolute certainty it will grant immunity from cyber threats.
Want to Boost Your Cyber Security Measures for the Best Protection?Talk to us today! |
Since there’s still no guarantee data breaches won’t occur, you’ll need a way to cover the cost when a cyber incident happens.
And that’s what cyber insurance covers in a nutshell, which we’ll break down further on in this blog.
What Do I Need to Know About Cybersecurity Insurance Companies?
For now, it’s important to stay mindful of the fact that cybersecurity insurance companies are just like every other insurance firm, in that they want to avoid a payout any way they can.
The way they do that, primarily, is if they can successfully accuse you of failing to do your due diligence, then they have grounds to deny you compensation.
Thus, the main point of this checklist is to help you remain fully compliant with your cyber liability insurance policy so that when a security breach does happen, you can take some solace knowing you’ve done everything you can to optimize your risk management approach.
To get you better acquainted with the wide world of cyber insurance coverage policy requirements, here’s a quick breakdown of the types of coverage offered, before you buy cyber insurance.
First Party Coverage
In layman’s terms, first party coverage deals with the costs directly related to resolving a cyber attack.
To give an example, let’s suppose your business is the victim of a ransomware attack.
A first-party liability coverage program will help you with the cost of returning access to your IT stack, resolve the digital extortion, undo any data loss and restore your pre-existing cyber security infrastructure.
This type of coverage can also help mitigate damage to your business’ reputation by providing (as an example) PR assistance or complimentary credit monitoring to any afflicted users.
It can also help cover costs related to notifying individuals who may have had their personal information stolen plus notifying regulators as well (which several laws require you do).
Basically, first party coverage deals with the immediate aftermath of a cyber attack, helping you to better protect your company along with its reputation.
Third Party Coverage
This type of coverage supports you in the event of any long-term repercussions as a result of a data breach in your system.
For example, if one of your customers had their personal information stolen, they may issue a lawsuit against you, the resulting legal costs for which third-party coverage could help cover such as settlement fees, fines and lawyer costs.
Want to Learn More About Cyber Insurance and Cyber Security? Read these Blogs Today. |
5-Step Cyber Insurance Coverage Checklist to Increase Your Chances of a Payout
As mentioned before, cyber insurance companies will take any opportunity to deny your claim if they have reasonable grounds.
The upside is that many of the items on the following cyber insurance coverage checklist will also help you reduce your own cyber risk, ultimately reducing the chance of a cyber attack.
1. Be Completely Transparent with Your Cyber Insurance Company
The more you get along with, and divulge information to, your carrier, the better the overall experience will be.
Be prepared to dig yourself in and communicate a lot with the underwriter. It’s a long and involved process, but the more you divulge and the more communicate the better. It will make the insurance company trust you and put you in the best position possible to get the best policy and premium.
2. Get Professional IT Help to Ensure You’re Always in Compliance with Your Insurer’s Requirements
Depending on the size of your company, you could have more IT to deal with on a daily basis than your own resources can handle. To that end, it would be best to enlist the aid of a managed service provider to take the burden of IT off your shoulders.
With the right IT managed service provider by your side, you could have all your policy requirements checked and confirmed every day (or even every hour), to make sure that your carrier would have zero reasonable grounds to deny your claim.
3. Enhance Your Weak Passwords
One of the most common accusations of a company having not done their “due diligence” in protecting their customers’ data is by having implemented weak passwords.
Passwords like “password123” are considered inherently weak and practically pose no barrier to hackers whatsoever (and often, one correctly guessed login is all it takes to corrupt the whole network).
This is especially important for higher-level executives within your company. Ensure you implement the proper IT training and talk to your people about using strong passwords.
4. Not Having a Correctly Configured Firewall
An essential line of defense for any business, firewalls are of supreme importance and they absolutely need to be correctly configured, updated, tested and maintained at frequent intervals.
The more sensitive your data, the larger your company and more drastic the economic fallout of a data breach, the more often you’ll need to work on your firewall. Keep it hot and tightly woven, and your cyber insurance company will find it hard to deny your payout.
5. Failing to Make Use of Anti-Virus Software
This one seems like a no-brainer these days, however you will be required to do more than just ensure all of your devices have the software installed.
For instance, does every device on your network have the most up-to-date version of the antivirus software? Do any of your employees access company data using their personal devices, and is the antivirus software installed there as well?
These are all avenues of potential data breaches, and only a dedicated managed IT service provider will be able to keep track of it all so that you remain in compliance with your cyber insurance policy.
Getting Help Ensuring Your Cyber Insurance Coverage Policy Requirements
The fact is, when it comes to making sure you’re in compliance with your cyber insurance policy, there’s a monumental amount of work to do.
Here at Tenecom, we’ve been pioneering the management and safeguarding of business IT since 1986.
Our highly qualified team brings a wealth of knowledge, understanding, and expertise to assist in the development and implementation of all your computing requirements.
Talk to us today about your IT needs, or for a consultation on your cyber insurance needs as well.