Keeping our Fingers on the Pulse of Cybersecurity

Cybersecurity is a critical topic for all companies in today’s ever-changing environment. Recent cyber events have showcased two alarming trends.

(Image credit: Shutterstock.)

Cybersecurity is a critical topic for all companies in today’s ever-changing environment. Recent cyber events have showcased two alarming trends:

First, the cyber threat landscape has shifted from data threats to operational threats. It’s become much more lucrative for cyber criminals to hold operating systems (and bottom lines) hostage vs. threatening to steal data. This trend has made cyber threats relevant to all industries, with particular importance to the insurance industry.

Second, attacks on third-party service providers are on the rise. Outsourcing data or IT processes do not eliminate cyber threats for your organization or clients.

The following step-by-step checklist provides guidance and important questions to consider when developing or updating a successful cybersecurity plan:

Was the Right Cyber Liability Policy Selected?

One of the most critical steps to cyber risk readiness is preparing clients before an event happens. From an industry perspective, Cyber Liability insurance is in its infancy relative to nearly all other insurance products, and the marketplace has several unique aspects.

One of the most critical considerations to contemplate when working with clients specifically is the lack of standardization; where Cyber Liability is not subject to an “ISO” coverage form like other insurance coverages — one carrier calls something “x” while another carrier calls something “y.” The variation of policy language and coverage response in the market can lead to confusion during the buying process and, ultimately, detrimental insurance coverage gaps.

The silver lining the lack of standardization offers is this allows for the policies to be highly customizable and tailored based on each consumer’s unique risk factors, making it even more critical for businesses to collaborate with an expert broker partner to walk through specifics of the policy.

Think Before You Click: A Lesson in Ransomware

There has been a significant rise in ransomware attacks over the past two years, and it’s become a top concern amongst businesses. To address ransomware, employers need to prepare themselves by providing training resources such as ransomware surveys, ransomware stress tests, and access to programs that can provide risk management and insurance against ransomware attacks.

Phishing—Don’t Take the Bait

Employees are a client’s biggest assets, but when it comes to cyber security, they can also become the biggest liability. Prioritization of a security-centric culture at every level of an organization has been a leading indicator to mitigate cyber threats. Today’s companies would be well served to offer employee training modules on anti-phishing, password security, and security while working remote.

Secure Cyber Security Threats

Finding services that offers loss control resources and provides companies with a frank appraisal of their vulnerabilities is essential, as well as an appraisal with an independent security engineer assessment. It’s also important to consider additional tools, such as:

  • Proprietary benchmarking and peer purchasing insights
  • Ransomware mock breach exercises
  • A data breach cost calculator
  • A business interruption cost calculator
  • A notification costs calculator

Learn More by Reaching Out

The cyber world can be confusing. Whether it’s reviewing security best practices, deciphering policy language, or providing loss analysis and benchmarking reports. Overall, clients should be encouraged to work with an experienced cybersecurity professional who can equip them with the resources and knowledge necessary to keep their organization’s resilient from cyber threats.

Aon Acquires Cyber Security Firm Cytelligence


Ross Ingersoll //

Ross Ingersoll serves as an Executive Risk and Cyber enterprise resource for Holmes Murphy’s production, service, and placement teams. He provides coaching to sales and service members, including phone call consultation with clients, policy/quote review, loss control and claims management support, and responding to service questions related to Executive Risk and Cyber. Additionally, Ingersoll provides periodic assistance in preparation and presentation of annual renewal proposals and is involved in the new business process. Within the Executive Risk space, Ingersoll works to develop relationships with expertise networks such as the Employee Stock Ownership Plans (ESOP) Association, Professional Liability Underwriting Society (PLUS), and our carrier/wholesale partners. Prior to joining Holmes Murphy, Ross was a Management Liability Account Executive at Travelers. 

Leave a Comment