Cyber insurance is a type of specialty insurance that protects organizations against a variety of risks related to information security attacks such as ransomware and data breaches. Ordinarily, these types of risks aren’t included with traditional commercial general liability policies or are not specifically defined in these insurance plans.
Given the rise in attacks, the growing sophistication of these incidents and the potential financial impact, having cyber insurance coverage has become critical for many organizations. It is a form of cover that seems an obvious purchase for an organization running a global market. However, for other companies, a decision on whether, or how much, cover to buy is a much tougher one, despite the rising profile and costs of ransomware attacks. Premiums for these plans have been on the rise because of the increase in security-related losses and rising demand for coverage.
Since 2018, the cost of cyber claims has been pushed up by a sharp rise in the number and cost of ransomware attacks, in which criminals disable a company’s systems and demand a ransom, often millions of dollars, to put them back online.
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
What is Next?
In September, the US government called for views on whether a federal insurance response to cyber was warranted, which could be part of, or outside, its current public-private insurance programme for acts of terrorism.
Currently, the U.S. government does not have a federally backed cyber insurance program to deal with destructive cyberattacks.
What companies must do?
Most insurance requirements still fall into basic cybersecurity measures, what one would expect every company operating online to have in place. At minimum, those measures include:
- Multifactor authentication (MFA)
- Backup
- Incident response plan
- Patching
- Cyber awareness training for employees
A cyber insurer’s requests are closely aligned with cybersecurity industry best practices. If companies have a good security system already in place and are willing to take the steps needed to meet the demands, cyber insurers are willing to develop a partnership. Let OCD TECH help your business to stay protected and comply with your insurance requests.
