SPOT Cybersecurity Tip: Cyber Insurance Explained – Part 2

In Part 1 of Cyber Insurance Explained, we explained what Cyber Insurance covers. We learned about:

• Network security and privacy liability
• Network business interruption
• Media liability
• Errors and omission

In Part 2, we're going to learn about what to look out for when purchasing Cyber Insurance.

What's at Risk?

The bottom line is twofold - 1) cybercrime (and the associated business risk) continues to escalate, and 2) businesses rely on technology more than ever. That means that for most businesses, it's no longer a smart play to stick your head in the sand and ignore cybercrime. The business risk is just too high, so you should buy cyber insurance to protect your business.

What are the Costs of a Cyber Attack?

As you can see, there are hard costs such incident response and attorney fees, but the real damage of a Cyber Attack often lies below the surface - reputational damage, loss of customers and loss of intellectual property. Many businesses never recover from a Cyber Attack and go out of business.

What are the Gotchas when it comes to Cyber Insurance?

• Cyber Insurance Rates Increasing - After the pandemic hit, there was a hurried shift to remote work, which increased cyber risk and led to an increase in Cyber Insurance claims, which in turn led to an increase in premiums, deductibles, and required Cybersecurity Controls. Some carriers also left the market. All of these factors mean that some small businesses may find it difficult to obtain coverage.
• Cyber Insurance Applications are vague - When you apply for Cyber Insurance, you'll need to complete an application about what Cybersecurity Controls you have in place. These questions may sometimes seem vague and unclear. The main thing to remember is that if you want to protect a specific application or dataset, you'll need all of the required Cybersecurity Controls in place.
• Cyber Insurance Questionnaires need to be answered truthfully and accurately - When you obtain Cyber Insurance (or when applying), you need to make sure you truthfully and accurately answer all of the questions. You may need to reach out to your broker or carrier for clarification on questions. When in doubt, remember that any applications or data you want protected needs to have all of the Cybersecurity Controls in place.

And lastly, while your IT provider can help you fill out Cyber Insurance Application or Questionnaire, you as a business owner are ultimately responsible. So keep asking clarifying questions and make sure that you understand Cybersecurity Controls are in place, and ensure that they meet the requirements.

We hope you have learned what to look for when buying cyber insurance. If you'd like to learn more about how to gain the required cybersecurity controls to obtain cyber insurance, reach out to us for a complimentary Cybersecurity Discovery call. And stay tuned for Cyber Insurance Explained - Part 3 next week.