(Image credit: Shutterstock.)
Cybersecurity is a critical topic for all companies in today’s ever-changing environment. Recent cyber events have showcased two alarming trends:
First, the cyber threat landscape has shifted from data threats to operational threats. It’s become much more lucrative for cyber criminals to hold operating systems (and bottom lines) hostage vs. threatening to steal data. This trend has made cyber threats relevant to all industries, with particular importance to the insurance industry.
Second, attacks on third-party service providers are on the rise. Outsourcing data or IT processes do not eliminate cyber threats for your organization or clients.
The following step-by-step checklist provides guidance and important questions to consider when developing or updating a successful cybersecurity plan:
Was the Right Cyber Liability Policy Selected?
One of the most critical steps to cyber risk readiness is preparing clients before an event happens. From an industry perspective, Cyber Liability insurance is in its infancy relative to nearly all other insurance products, and the marketplace has several unique aspects.
One of the most critical considerations to contemplate when working with clients specifically is the lack of standardization; where Cyber Liability is not subject to an “ISO” coverage form like other insurance coverages — one carrier calls something “x” while another carrier calls something “y.” The variation of policy language and coverage response in the market can lead to confusion during the buying process and, ultimately, detrimental insurance coverage gaps.
The silver lining the lack of standardization offers is this allows for the policies to be highly customizable and tailored based on each consumer’s unique risk factors, making it even more critical for businesses to collaborate with an expert broker partner to walk through specifics of the policy.
Think Before You Click: A Lesson in Ransomware
There has been a significant rise in ransomware attacks over the past two years, and it’s become a top concern amongst businesses. To address ransomware, employers need to prepare themselves by providing training resources such as ransomware surveys, ransomware stress tests, and access to programs that can provide risk management and insurance against ransomware attacks.
Phishing—Don’t Take the Bait
Employees are a client’s biggest assets, but when it comes to cyber security, they can also become the biggest liability. Prioritization of a security-centric culture at every level of an organization has been a leading indicator to mitigate cyber threats. Today’s companies would be well served to offer employee training modules on anti-phishing, password security, and security while working remote.
Secure Cyber Security Threats
Finding services that offers loss control resources and provides companies with a frank appraisal of their vulnerabilities is essential, as well as an appraisal with an independent security engineer assessment. It’s also important to consider additional tools, such as:
- Proprietary benchmarking and peer purchasing insights
- Ransomware mock breach exercises
- A data breach cost calculator
- A business interruption cost calculator
- A notification costs calculator
Learn More by Reaching Out
The cyber world can be confusing. Whether it’s reviewing security best practices, deciphering policy language, or providing loss analysis and benchmarking reports. Overall, clients should be encouraged to work with an experienced cybersecurity professional who can equip them with the resources and knowledge necessary to keep their organization’s resilient from cyber threats.