If you’ve been paying attention, you know that cyber crime has only been growing each year. While we’ve provided some statistics about the matter, and even offer help with making sure your network is secure, some risk of being compromised still exists. If an attack does happen to make it past your defenses, what happens next? The legal fees and the costs of rectifying the matter can be enormous. As a result, 3 out of 5 small businesses close after a cyber attack. Cyber insurance can help keep the doors open after an attack.
What is Cyber Insurance?
Cyber insurance is a fairly new product, but it works much like any insurance policy. Specifically, in the event of a breach, the insurance company will help shoulder some of the costs associated with the breach. What exactly is covered varies from policy to policy. Policies can cover many of the following:
- Cost of data recovery
- Notifying clients of a breach
- Losses incurred during downtime
- Remediation costs
- Investigation costs
- Ransom payments
Cyber insurance policies can cover even more than this. Coverage depends on what you select during the purchasing process and even who you purchase it from.
What Cyber Insurance is NOT.
Policies are not guarantees. An insurance provider may deny your claim under certain circumstances. According to Argo Group, nine out of ten incidents receive payment from an applicable cyber insurance policy. For example, P.F. Chang’s suffered a cyber attack in 2014. Their insurance provider only paid for some of the losses, but did not cover any of the fees or assessments.
Cyber insurance is NOT security. It will never replace actually protecting your data. You MUST protect your data and your network using established security protocols. No cyber insurance policy will ever cover a breach that could have been prevented in the first place.
What Should Your Organization Do?
Cyber insurance may or may not be for you. If you can fit it in the budget, we definitely recommend getting it. It’s risk management that protects you just in case something goes wrong. Better safe than sorry. So here are a few tips to follow in the buying process.
1. Shop around.
As stated earlier, this is a relatively new type of insurance. The market will continue to evolve. Up until recently, there weren’t a lot of options available for small businesses. More insurance companies are now providing affordable coverage targeting small businesses. Look for companies that are established and have been around for at least three years.
2. Evaluate Your Needs vs. What the Policy Covers.
Make sure you know exactly what the policy does and does not cover. Ask how each policy would cover specific types of breaches. Make sure the contract you sign matches what you’re told by the agent. Read the fine print.
3. Find a Reputable Provider.
In addition to be around for at least three years, make sure the company has a history of actually paying their claims. If you search for the company’s name, and you find multiple news articles about them not paying, you may want to look elsewhere.
4. Know Your Obligations.
Each insurance provider will have some requirements that need to be met in order to qualify for coverage or for a claim to be considered. You must implement whatever policies, procedures, or technology to remain insurable. This may require the help of IT professionals.
5. Review Policies Semiannually.
Every six months, compare your needs vs. your coverage… again. You may need additional coverage that you didn’t before because of new technology or even new products you sell. Cyber attacks are also constantly evolving. Verify that your insurance covers new types of attacks or previously unknown threats.
6. Protect Your Data.
This is always your first line of defense. No cyber insurance policy is going to help you if you don’t adequately and proactively protect your data and your network. Have qualified IT professionals evaluate your security. That security should include firewalls, security software, audit logging, and proper training for personnel. Your backup process also needs to be evaluated to ensure that it’s also secure.
Let Us Help.
Pit Crew IT Services doesn’t sell cyber insurance, but we operate by the old saying “prevention is better than cure”. With proper setup and monitoring, we make it our mission to prevent cyber attacks from gaining a foothold in your business systems. If you buy cyber insurance, we can help you avoid needing to use it. Just request a free consultation below to get started.