Cybersecurity and Fraud Protection

What to Consider Before Purchasing Cyber Insurance

Amid the constant threat of cyberattacks, many businesses are considering cyber insurance. Would a policy be right for you?


Amid the constant threat of cyberattacks, many businesses are considering cyber insurance. Would a policy be right for you?

Cybercrime has escalated in recent years, particularly ransomware. In 2019, the FBI’s Internet Crime Complaint Center received 2,047 complaints of ransomware, with adjusted losses totaling over $8.9 million, according to its annual report. Business email compromise and phishing attacks have also risen as hackers use any vulnerability in validation processes or other best practices to try to gain entry into an organization’s computer systems.

And the threat is more real than ever. Since the COVID-19 pandemic began, cybercriminals have picked up the pace, launching new attacks on multiple industries, including healthcare organizations, government agencies and educational institutions. They seek to disrupt business operations, steal personal data and intellectual property, and cause reputational damage.

As cybercrime has become more lucrative for hackers, organizations are considering additional resources to help protect their employees, clients and customers and cover the high costs associated with recovery. One of these options is cyber insurance. But what is cyber insurance and what does it cover?

 

What is Cyber Insurance?

Insurance is a method of risk transfer that places specific risks to another person or entity for some or all of the associated financial loss. An insurance policy transfers risk through a contractual obligation from an insured to an insurance provider, subject to the terms and conditions of the insurance policy.

A cyber insurance policy provides coverage to the insured in the event of a cyberattack that results in the loss of data and/or the breach of confidential information. Depending on the terms and conditions of the cyber insurance policy, the insured could recover the cost of:

  • Restoring personal identities of impacted customers
  • Data restoration
  • Business interruption that results in the loss of income
  • Communicating to clients, customers, employees and other stakeholders
  • Fines and penalties
  • Security and privacy liability
  • Cyber extortion
  • Network interruption

 

Is Cyber Insurance Right for Your Organization?

Any organization that is considering cyber insurance should consult with its technology and risk departments as well as other advisors, such as an insurance broker that specializes in cyber insurance coverage. Together they should assess the risk of cyberattacks and evaluate the value an insurance policy may provide. This evaluation would include the insurance policy’s deductible, premium, limit of coverage and coverage terms.

Each organization will have its own unique needs, which can include, but are not limited to: deductibles, coverage levels and insurable risks. Each of these variables can affect the final cost of insurance. It’s important to keep in mind that the final cost of insurance is not merely the cost of the policy’s premiums. Organizations should examine the expected value of the policy by considering the likelihood of an event occurring and the expected loss of such an event and balance those costs with insurance premiums and deductibles.

 

3 Guidelines to Keep in Mind       

  • Determine if the maximum loss is affordable for your organization
  • Consider the likelihood of losses
  • Ensure that the transfer of risk is worth the premium you will pay

It’s important to review the policy coverage with your insurance carrier and insurance broker to make sure your organization has appropriate coverage based on your specific needs and risk appetite. Additionally, the organization’s management should also review with legal counsel the risk of a cyberattack and its impact on any regulatory or contractual requirements.

Cyber Magazine Fall 2020 Higher Education Business Resiliency Healthcare Government Cybersecurity and Fraud Protection

Get in Touch and Stay Informed

icon
Loading...