Unpacking Cyber Insurance and How it Helps After an Attack
Cyber attacks have dominated news coverage over the last five years and a good deal of focus has been on large cybersecurity attacks on nation-state institutions or corporate entities. Missing from these narratives have been the issue of cyber insurance. Cyber insurance policies provide support to companies in the aftermath of a cyber attack and help deliver critical services. These services can include legal expenses, IT forensics, data restoration, public relations, breach notification to customers, and much more.
While large businesses receive the headlines, many small to medium-sized businesses are suffering serious cyber attacks. And the reality is that businesses can be ruined by one severe cyber attack.
“While we often hear about data breaches at large corporations, many cyber criminals have set their targets on small businesses that are more vulnerable and often lack the protection and resources larger organizations can afford,” says Peter McMurtrie, president of Commercial Lines at Nationwide.
The logical next step for many small to mid-size companies is to find cyber insurance. Recently, there’s been an increase in demand for cyber insurance policies and many insurance companies are now setting a higher bar or threshold to qualify for a substantial policy.
“Coverage isn’t as easy to get as it used to be,” says Iliana Peters, attorney at Polsinelli PC. “Before they offer or renew a policy, insurers are requiring a lot more from businesses.”
How to Qualify for Cyber Insurance
The good news is that businesses are finding answers about security requirements through insurers and industry partnerships are developing that will help. Some cybersecurity companies, specializing in enhanced network monitoring and software security services, are partnering with insurers to offer solutions to get businesses on the fast track to increased security practices.
One example of this type of partnership is BlackPoint Cyber. This cybersecurity company’s continuous monitoring platform scans for lateral movement threat vectors, suspicious events, hacker tradecraft, insider threat detection, and others while deploying a lightweight software agent to customers’ endpoints. BlackPoint partners with numerous insurance carriers, including Lloyd’s of London and Zurich, and the cybersecurity company’s monitoring technology is part of the actual insurance policy.
Besides networking monitoring, insurance companies are looking for strong password protection policies, cyber awareness training for employees, strict user permissions, data backup strategies, continuous system software updates and endpoint security management. Not surprisingly, most of the heightened security requirements from insurers take aim at users or employees.
This type of partnership is good news for IT departments, which are struggling to understand the numerous types of cyber attacks. And the big takeaway for the insurance carrier is reducing cyber policy claims. With a robust monitoring platform required for insurance, insurers are finding a company’s chances of being compromised are significantly reduced.
What Does Cyber Insurance Cover When Compromised
While many companies are hoping added cyber awareness training and monitoring will prevent attacks, malware and cyber attacks happen quickly. That’s what cyber insurance is so important for small to medium-sized companies since most companies lack fully developed action plans after a cyber attack occurs.
That’s where insurance companies step in and begin the process. Insurers immediately offer access to legal services, forensic accountancy, fraud investigation, forensic computer specialist, public relations and crisis management, and credit monitoring services after an attack. Plus, the insurance company offers around-the-clock service to answer questions.
Plus, a huge challenge after a cyber attack is finding a breach attorney. Breach attorneys are big business these days due to their experience with privacy laws and for companies’ need to understand the ramification of a specific data breach. Cyber insurance allows liability attorneys to figure out customer liability, data responsibility, and what damages may occur with the release of this data.
The big takeaway with cyber insurance is most businesses are not prepared for a cyber attack on their networks or data. Cyber insurance provides immediate solutions via crisis management teams, legal services, forensics, investigators, and public relations teams. As many companies find out, cyber insurance can help businesses survive and hopefully move forward after a cyber attack.
Simplifying Cyber Insurance – ArcherPoint Can Help
ArcherPoint offers cyber insurance qualification assistance to help expedite the qualification process for cyber insurance. Our services include examining your current cybersecurity policies, such as data security backups, encryption, network protocols, and cybersecurity training for employees – very important in 2022 and beyond. Contact ArcherPoint and let an expert help you forward with your cybersecurity defenses.