By: Michael Brunetti
As the global technology industry continues to evolve, so do the risks companies face. The number of data breaches companies experience is on the rise, increasing by 68% from 2020 to 2021. Based on Entara’s frontline experience supporting companies who have experienced a breach, we know that the cost of a cyberattack can be devastating, enough to shut down a business entirely. Cyber insurance helps protect against the fallout and financial loss related to cybersecurity breaches.
What does cybersecurity insurance cover?
Cyber insurance, also called cyber liability insurance, is a type of coverage that helps protect businesses from the ramifications of a cyber-attack. A data breach can result in not only the theft of electronic data but may lead to the interruption of business continuity, a loss of customers, and, ultimately, a loss of revenue. It also supports businesses who may be liable for damages related to the theft of third-party data. Cyber insurance policies help cover the financial losses that result from cyber events and incidents. The policies also help with the costs associated with remediation, including payment for legal assistance, ransom, digital forensics investigators, crisis communicators, and customer credits or refunds.
Some of the specific items covered by cyber insurance include:
- Meeting extortion demands from a ransomware attack
- Notifying customers when a security breach has occurred
- Paying legal fees as a result of privacy violations
- Hiring forensics experts to recover compromised data
- Recovering stolen sensitive data and repairing damaged systems
Cybersecurity insurance policies do not cover:
- Cyber events caused by company employees
- System failures not caused by a cyber attack
- Failure to correct a known cybersecurity vulnerability
- The cost of improving security systems
Who needs cyber insurance?
Any business that creates, stores, or manages electronic data online can benefit from cyber insurance. This may include customer names and contact information, sales, personally identifiable information, and credit card numbers.
What if I cannot qualify for or afford to qualify for cyber insurance?
There are several questions a company must answer “yes” to in order to qualify for cyber insurance. These can include questions like, is your critical data backed up at least once daily? Are your backups encrypted? Is multi-factor authentication used for cloud-based email account access? While many companies can meet the base qualifiers, they are notable to manage or cannot afford to implement solutions to address increasingly common questions being asked due to evolving threats, like, is there network segmentation in place? Is there a solution in place to manage privileged accounts?
If your organization is not able to qualify for or would prefer to not invest in cyber insurance, an alternative solution is to remain uninsured and keep a cyber security firm on retainer to assist during the event an incident occurs. This retainer provides several advantages, including guidance on Cyber Security Incident Response Plan and tabletop exercise simulating an incident, as well as a full team on standby for immediate response to a cyber security incident in order to contain the ramifications, prioritized restoration of your environment to operational status, and more.
If you are not sure where to start on your cyber insurance journey, check out our cyber insurance checklist to see where your company stands on current common stipulations and reach out to learn more about new ones we think are soon to be added in the future.
Strengthen Your Company’s Cyber Security Posture with Entara
Our 24/7 incident response team helps companies recover quickly and efficiently in the event of a breach. We focus on the root issue that caused the security breach in order to mitigate future events. We don’t want repeat clients and have in-house experts ready to integrate security solutions to harden your system to mitigate future breaches. We handle the situation so you can focus on what you do best - running your business. Connect with us to strengthen your company’s security posture.