10 factors to consider when seeking cyber insurance coverage

18 April 2023 Consultancy.com.au

With the cyberthreat landscape constantly evolving and growing numbers of businesses falling victim to attacks, the need for cyber insurance has never been higher. Craig Somerville, Managing Director and CEO of Somerville, shares 10 factors to consider when seeking cyber insurance coverage.

Designed to assist organisations to cope with the disruption and cost of an attack, cyber insurance policies come in many shapes and sizes. They cover a range of areas including the loss of data, ransomware attacks and the reputational damage caused by an attack.

Some policies extend even further and provide assistance with privacy liability, media liability, regulatory proceedings, and fallout from supply-chain attacks. All will provide vital support when an organisation needs it the most.

A variety of claims

Cyber insurance policies are regularly assisting organisations of all sizes when they suffer an attack. Recent examples have included:

Missing laptop: A company employee misplaced a laptop which contained a list of 1000 client records and credit card details. A total of $250,000 was paid for the cost of notifying the affected individuals and the Privacy Commissioner of the data breach.

Encrypted records: An insured company discovered that a hacker had gained remote access to a server and encrypted client records. The hacker then demanded a ransom of $100,000 in Bitcoin to decrypt the files. The cyber insurance policy led to the company being paid $300,000 for the extortion claim and loss of income, together with the cost of notifying the affected individuals and the Privacy Commissioner.

Fake email: A cybercriminal impersonated a client of an insured company using an identical email address. The hacker then redirected payments totalling $41,000 into a new fraudulent bank account. The company claimed against their cyber insurance policy and suffered no loss.

Securing appropriate insurance cover

There is a range of factors to consider when selecting and purchasing a cyber insurance policy. Each of these factors will affect whether cover can actually be secured and whether it will provide the level of protection that is sought.

The top 10 factors to consider are:

Encryption: It is important to ensure that all sensitive and personal data is encrypted both at rest and in transit. This will reduce the chances of it being misused following an attack.

MFA: The deployment of Multi-factor Authentication (MFA) is likely to be a requirement of many insurers. MFA can significantly reduce the chances of unauthorised parties gaining access to corporate IT resources.

Endpoint protection: All endpoints on an organisation’s network should be protected by the use of firewalls and antivirus software. It is also important that these tools are regularly updated.

Data backups: All critical data needs to be regularly backed up to ensure recovery is possible should an attack take place. Backups should also be stored off-site and segregated from the main corporate environment.

Backup testing: Data backups should also be regularly tested to ensure their integrity and confirm that they are capable of restoring all core systems within the organisation.

Email scanning: All incoming email should be automatically scanned for malicious links and attachments. This will reduce the chances of a cybercriminal gaining access to centralised systems.

User training: Regular security awareness training should be conducted for all staff. This should include clear explanations of the risks being faced and the steps staff can take to ward off attacks.

Admin checks: Organisations should also have in place established procedures to verify requests for changes in customer and partner details. This will ensure only legitimate requests are actioned.

Financial checks: Rigorous checks should also be in place when it comes to authorising any financial transactions. This could include requiring at least two parties to authorise all transactions over a set amount.

Patch management: A patch management policy needs to be in place that ensures all critical patches are installed as quickly as possible after their release.
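The "Admin checks" and "Financial checks" factors above describe a control that can be enforced in code rather than left to memory: payee-detail changes must be verified out of band, and payments over a set amount must be approved by two distinct people, neither of whom raised the request. The following is an added illustration, not code from the article or from Somerville; the $10,000 threshold, the request fields and the sample requests (which reuse the $41,000 figure from the fake-email claim above) are assumptions constructed for the example.

```python
"""Dual-authorisation check for payments and payee bank-detail changes.

Added example: models the "two parties over a set amount" rule and the
"verify requests for changes in customer and partner details" rule from
the article. Threshold and field names are assumptions, not the author's.
"""
from dataclasses import dataclass

APPROVAL_THRESHOLD = 10_000   # assumed policy value; the article names no figure
REQUIRED_APPROVERS = 2        # "at least two parties"


@dataclass(frozen=True)
class Request:
    request_id: str
    kind: str                   # "payment" or "bank_detail_change"
    requested_by: str           # user who raised the request
    amount: float = 0.0         # only meaningful for payments
    approvals: tuple = ()       # user ids who clicked approve, in order
    out_of_band_verified: bool = False  # e.g. call-back to a known phone number


def needs_dual_authorisation(req: Request) -> bool:
    """Changes to payee bank details always need two approvers;
    payments need them only when over the set amount."""
    if req.kind == "bank_detail_change":
        return True
    return req.amount > APPROVAL_THRESHOLD


def evaluate(req: Request):
    """Return (approved, reasons). reasons is empty when approved."""
    reasons = []

    # Admin check: a change of bank details is exactly what the
    # impersonated-client fraud relies on, so it must be confirmed
    # through a channel other than the email that requested it.
    if req.kind == "bank_detail_change" and not req.out_of_band_verified:
        reasons.append("payee detail change not verified out of band")

    if needs_dual_authorisation(req):
        # set() collapses the same approver clicking twice
        distinct = set(req.approvals)
        if req.requested_by in distinct:
            reasons.append("requester cannot approve own request")
            distinct.discard(req.requested_by)
        if len(distinct) < REQUIRED_APPROVERS:
            reasons.append(
                f"needs {REQUIRED_APPROVERS} distinct approvers, "
                f"have {len(distinct)}"
            )

    return (not reasons, reasons)


# Constructed sample requests covering the edge cases the rule must handle.
SAMPLE_REQUESTS = [
    Request("R1", "payment", "alice", 4_500, ("bob",)),            # under threshold
    Request("R2", "payment", "alice", 41_000, ("bob",)),           # one approver
    Request("R3", "payment", "alice", 41_000, ("alice", "bob")),   # self-approval
    Request("R4", "payment", "alice", 41_000, ("bob", "bob")),     # same person twice
    Request("R5", "payment", "alice", 41_000, ("bob", "carol")),   # two distinct approvers
    Request("R6", "bank_detail_change", "dave", 0, ("bob", "carol")),                    # no call-back
    Request("R7", "bank_detail_change", "dave", 0, ("bob", "carol"), out_of_band_verified=True),
]


def review_all(requests=SAMPLE_REQUESTS) -> dict:
    """Map request id -> approved flag for a batch of requests."""
    return {r.request_id: evaluate(r)[0] for r in requests}


if __name__ == "__main__":
    for r in SAMPLE_REQUESTS:
        ok, why = evaluate(r)
        print(r.request_id, "APPROVED" if ok else "REJECTED", "; ".join(why))
```

Note that the check treats a single approver clicking twice, or the requester approving their own request, as failures rather than counting them: segregation of duties is only meaningful when the approvers are genuinely different people.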

By taking these factors into account, organisations will improve their level of cyber security while also making it more likely they will be able to secure an appropriate level of cyber insurance.

The threats posed by cybercriminals are going to continue to evolve and grow. Having a cyber insurance policy in place, backed by effective security procedures, will afford organisations the best possible levels of defence.