Because of recent increases in cyber security attacks, I am often asked about adequate insurance coverage. It amazes me that, even today, companies risk their cyber safety to save a few dollars. However, as a CEO of a company, I understand the necessity to reduce costs, especially for SMB’s. In this blog post, I will share the ways of effective budget planning, which allows businesses to cut down on unnecessary expenses without sacrificing the essentials. Below are some helpful tips to give you a better understanding of how important business protection really is.
Four things to consider when insuring your business.
1. Make sure your general coverage is adequate.
Coverage under $2m is not recommended. The slight difference in premium between $1m and $2m is well worth it for the extra coverage. Always consider higher premiums if you can afford them. This adds an extra layer of protection, so you can have total peace of mind whatever happens. Remember that as a business owner, you are responsible for your employees. The last thing you want is to let force majeure circumstances badly hit dozens or even hundreds of people financially.
2. Ransom coverage is a must.
Yes, I said it. Cybersecurity insurance has ransomware coverage. You can purchase insurance that would cover the cost of paying ransom to cyber thieves. But the best route is to get ransom insurance and invest in proper ransomware protection. The rise in cyber threats and losses caused by ransomware has made it more challenging to get cyber security coverage. Business owners need to present a proper cybersecurity strategy before getting insurance.
3. Ensure you have sufficient coverage.
It should cover all legal and professional fees in case of a security violation. This can include legal, forensic, IT and other fees to help you restore your business after a breach. Sufficient coverage ensures that your business is protected from the liability of data leakages and intrusions. When choosing a cyber security policy, consider the following:
• The incident reporting process. Most attacks happen after hours or during weekends and holidays. Make sure that your insurer can be reached 24/7.
• The availability of dedicated cybersecurity teams, including qualified incident responders, data breach attorneys, ransom negotiators, etc. Knowing their availability will allow you to assess all of your options in the case of an emergency.
4. Essential security protocols to maintain coverage.
Lastly, most insurance providers are now mandating that their clients have essential security protocols to maintain coverage. It is important to remember this to be able to get your reimbursement if an incident happens. Some companies are denied coverage after an incident if their security posture doesn’t meet the insurer’s requirements. Although every insurer has different ways of risk evaluation, some security measures are standard. For example, Multifactor Authentication And air-gap Backups.
Multifactor Authentication – make sure you have Multi-Factor Authentication enabled to protect your computing environment as well as your data. This is the second layer of authentication that helps confirm your identity in your IT environment. Failure to provide proof can prevent you from getting coverage or, even worse, cause your claim to be denied during an incident.
As for Air-Gap Backups – Insurance carriers are asking clients to show proof of secure, segmented, off-site cloud backups. In addition, the storage on which data is restored must have a file system that offers immutable data integrity. These backups confirm that your company’s data is stored safely in an offline location in case of any unavoidable data loss.
Nobody can guarantee 100% protection from cyberattacks. But with hackers on the rise, you can still feel reasonably protected, have proper cybersecurity, and choose the right coverage for your cybersecurity Insurance.