Cyber Liability Insurance

 

Keeping workplace technology up and running is vital to any organization’s success. Unfortunately, the task is becoming more difficult each year as cybercriminals expand their reach. It’s not enough to protect workplace technology with software and security protocols. It’s critical for organizations to educate themselves on, and protect against, cyber exposures related to ransomware attacks, social engineering schemes and similar threat.

Cyber liability insurance is specifically designed to address the risks of using modern technology.  The level of coverage your business needs is based on your operations and can vary depending on your range of exposure. As such, the first step will be to conduct a cyber risk assessment.  The assessment will help identify if the cyber security controls you have are appropriate to the level of risk your organization faces.

Over the past few years, cyberattacks have grown in both cost and frequency. The increase in attacks has, in turn, resulted in a rise in cyber liability claims.  In light of these market conditions, it’s predicted that most policyholders will experience higher cyber liability insurance rates.  That being said, working with a broker/partner that can help you create a more data secure work environment can help make cyber insurance coverage more affordable.

These are the most common cyber threats to businesses today:

  • Employees: In some cases, well-meaning employees accidentally put confidential information at risk through careless cybersecurity practices. At other times, disgruntled former employees can compromise assets or steal proprietary data to get back at an organization.
  • Organized Cybercriminals are one of the most profitable, illegal industries. These groups often seek personally identifiable information like social security numbers, health records, credit card details and banking information. They then hold this information hostage through ransomware or sell it outright on the dark web for a profit.
  • Hacktivists operate with a political agenda, often carrying out high-profile attacks to distribute propaganda or damage organizations they disagree with.
  • Government-sponsored Groups: Government-sponsored attacks are real threats. These cybercriminals are well-funded and are typically motivated by political, economic, technical or military agendas.
  • Social Engineering refers to a cyberattack method in which a cybercriminal preys on key human behaviors (e.g., trust of authority, fear of conflict and promise of rewards) to obtain unwarranted access to victims’ technology, funds or data.

What carriers are requiring:

  1. Multi-factor Authentication for emails, remote access and privilege accounts.
  2. BackUps: That are separate from the main systems and readily available.
  3. EDR technology platforms that can alert security teams of malicious activity, and enable fast investigation and containment of attacks at company endpoints, including laptops and smartphones.

 Key Components of a Cyber Policy:

 Extortion/Ransom

  • Funds Transfer Fraud
  • Incident Response Costs
  • Legal & Regulatory Costs
  • IT Security & Forensics
  • Crisis Communication Costs
  • Privacy Breach Management Costs
  • Hardware Replacement Costs
  • Income Loss & Extra Expense

Tips for Insurance Buyers

  • Review your employee handbook and related policies. Ensure you have all appropriate policies in place,
  • Identify an internal cyber-security officer who can respond quickly to any cyber incidents.
  • Work with your insurance professionals to understand the different types of cyber coverage available and secure a policy that suits your unique needs.
  • Take advantage of loss control services offered by insurance carriers to help strengthen cyber measures.
  • Focus on employee training to prevent cybercrime from affecting your operations. Employees should be aware of the latest cyber threats and ways to prevent them from occurring.
  • Establish an effective, documented cyber incident response plan to minimize damages amid a cyberattack.
  • Consider supply chain exposures when establishing your organization’s cybersecurity policies.

Talk to one of Barrow Group’s cyber liability insurance professionals at 800-874-4798 if you have questions or need help understanding how cyber liability insurance works. We can help you customize a policy that meets your organization’s specific needs.