Authors: Bruce Wilson and Scott Franzen
The first cyber security policy was written in 1997. Then, about 10 years ago, the policies started gaining in popularity and became standard coverage in any risk transfer program. You don’t need to do too much research to find out why – open any newspaper or Google “cyber attack” and read about the latest corporation, municipality, or governmental organization that was hacked.
The insurance industry has gathered significant claims data since the first policy was written. It’s really in just the last few years that claims severity has increased significantly, resulting in insurance premiums increasing, capacity shrinking, and deductibles rising.
With the growing popularity and need, what should you consider for your cyber security policy? Here are 5 steps to help you leverage your coverage and protection:
Know the Scenarios
Cyber policies are robust and cover several different types of scenarios, including ransomware, CryptoLocker, loss of business income, replacement of hardware, incident response costs (forensics, attorneys, notification, and credit monitoring expenses), and lawsuits from customers whose data was taken. A cyber attack can be devastating to your business, which is why the policy needs to be so comprehensive. Ask yourself – and importantly, your insurance agent partner – where you and your business are most vulnerable and where you should place the greatest focus.
Increase the Safeguards
Imagine there are two buildings that need fire insurance. One is located right next to a fire station, with a fire hydrant in front of the building, has sprinklers inside, a full-time night security guard, and is constructed of fire resistive material. The second building is located 10 miles from a volunteer fire station, the only water source is a lake, there are no sprinklers, no alarm, no watchman, and the construction is wood frame. You would expect these buildings would have drastically different premiums. Well, it’s the same for cyber. The more protections your system has, the lower your premium will be.
Below is a list of protections. The more safeguards you have in place, the more favorably the insurance company will view your policy.
- Multi-factor authentication (MFA) – one of the most important underwriting factors today, if not the most important. For those not using MFA, certain carriers are refusing to quote these risks, while others are sub-limiting or eliminating important coverages, such as ransomware.
- Filter or scanning on incoming emails for malicious attachments or links
- Endpoint detection and response (EDR) tool for malware protection
- Established processes for rapidly applying critical security patches across servers, laptops, desktops, and managed mobile devices
- Are back-ups done regularly, stored offsite in the cloud and encrypted?
- Is all of your software still supported by the developer, or is some of it out of date and out of support? Certain carriers will not look favorably on “end of life” software, especially if it is not segregated from the rest of your network.
- Do you have endpoint detection and response?
- Do you have remote desktop protocol (RDP) mitigation?
- Do you have an incident response plan?
Train and Educate Employees
Many cyber-related losses have some type of “human error” associated with them. In fact, a Verizon 2022 Data Breach Report showed that 82% of breaches involved a human element. Education and training can help reduce this possibility. Conducting annual mandatory training for employees will help limit the risk of exposure by giving participants the ability to identify any security threats that could happen when working online and with computer systems.
Have a Business Continuity Plan
While you can implement measures to protect your data and systems, nothing is infallible, and a cyber event can put a serious strain on your business, resources, and reputation. Utilizing the scenarios from before, create a business continuity plan including an incident reporting process and workarounds to access key data or systems.
With the safeguards and coverage in place, be sure to stay on top of industry developments and keep an eye out for any suspicious activity – just as you would with any area of your business. That can mean everything from reading reports and articles (such as this), to regularly meeting with your IT staff on recent activities or red flags. And don’t forget to talk to your finance and accounting team to quickly address any unknown expenses, too. These are just a few of the ways you can be proactive on the cyber security front.
And, beyond the five tips above, don’t forget the importance of communication. Be sure that you are openly – and frequently – communicating with all stakeholders. This can mean your employees, your vendor partners, your customers, and more. Always have regular lines of communication – for operational updates and also, if needed, cyber updates. Additionally, talk to your insurance agent or broker. The relationship should work as a partnership to ensure you are covered and that customized solutions are in place so you can focus your energies on the growth and success of your business.