Cyber Insurance: Good News & Bad News

Uploaded on 2018-01-26 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Financial

Even though the cybersecurity insurance market is barely 20 years old, cybersecurity insurance companies have already collectively grossed more than $2 billion in premiums. 

This implies both good news and bad news. The bad news is the demand for cybersecurity insurance demonstrates that hackers and data thieves are stepping up their game. Businesses and industries of all sizes are being targeted. 

The good news is that large organisations and small businesses alike are taking proactive steps to protect themselves from cyber threats.

As the cybersecurity insurance market continues to expand, SMBs will want answers to questions before procuring this insurance for their operations. Below are a few common questions companies consider before selecting a provider.
How likely is it for an SMB to be targeted by a cyber attacker?

By one measure, more than half of all cyberattacks target SMBs. Sure, SMBs typically do not store or maintain the same volume of data that is held by larger companies. But that doesn’t mean they are out of the wood. Small businesses generally have fewer resources and defensive technologies as compared to their larger peers. In other words, SMBs hold less data, but that data is easier to steal.

What does cybersecurity insurance cover?
Cybersecurity insurance policies can cover multiple different losses and liabilities associated with a data breach. This includes business downtime, extortion, data recovery, and fines levied by regulatory bodies. 
Some policies go even further to provide against third-party liabilities. Prime examples include a failure to protect their confidential data and legal fees. Of course, exact coverage details will depend on your policy. So be sure to suss out the specifics during your initial conversations.

Do all cybersecurity insurance carriers cover the same types of losses and liabilities?
Coverages from different insurance carriers do overlap, but some carriers offer different services and underwriting policies than others. Many of the world’s top commercial general liability insurance carriers(including Liberty Mutual, Beazley Insurance Co., Chubb Ltd.) are now offering cybersecurity riders on their policies.

Other insurance entities have been formed by individuals that have more technical knowledge of cybersecurity threats. Companies like Root9B, RSA, IBM Security, Dell Secure Works, and Palo Alto Networks all boast top-notch technical cybersecurity expertise. 

Meanwhile, companies like CyberPolicy offer SMBs an opportunity to shop through cyber insurance companies according to specific needs. Carriers include Hiscox, Aspen Insurance, and Hanover.

How much should an SMB budget for cybersecurity insurance?
Cybersecurity insurance policy premium costs will vary as a function of each SMB’s network systems environment. Annual premiums for one  million dollars of coverage will generally be between $5,000 and $50,000. Given that an SMB incurs an average loss of $200,000 from a single data breach, these premiums are readily justified on a cost-benefit basis.

Will cybersecurity insurance companies offer cyber threat abatement consulting services?
Many cybersecurity insurance companies work closely with their clients to detect likely cyber penetration points and to make suggestions to close off those gaps. 

Root9B, for example, will pursue cyber attackers that have broken into a system and will expunge those attackers while closing off the gaps that let them in. Dell Secure Works audits client systems to identify weaknesses. Palo Alto Networks works to stop a security breach as it is happening with threat-intelligence and other protection tools. 

Cybersecurity insurers are as interested in ending data breaches as their clients are in preventing them, and good carriers will always work with their clients to reduce threat levels.

What is an SMB’s ultimate risk if it fails to procure cybersecurity insurance?
Believe it or not, the worst case scenario is bankruptcy. The costs associated with even a low-level data breach are often large enough to wipe out an SMB’s profits. 

Cybersecurity insurance is critical. Without this essential service, you could suffer a cyberattack that kills your SMB for good.

The Times T2

You Might Also Read: 

Companies Are Buying Cyber Insurance 'in mad panic':

Cybersecurity Tips For Smaller Businesses:

Cyber Insurance Report 2017 - 2018 (£):


 

 

« Employees Are Key To Cybersecurity
Russia Will Create Its Own Internet »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Assured Data Protection

Assured Data Protection

Assured Data Protection specialises in data protection and disaster recovery services for large SME and enterprise organisations.

Appvisory

Appvisory

Appvisory by MediaTest Digital is the leading Mobile Application Management-Software in Europe and enables enterprises to work secure on smartphones and tablets.

SecuLution

SecuLution

SecuLution is an Antivirus product using Application Whitelisting which offers much more protection than Virus Scanners ever can.

Halon

Halon

Halon is a flexible security and operations platform for in-transit email.

Baker Donelson

Baker Donelson

Baker Donelson is a law firm with a team of more than 700 attorneys and advisors representing more than 30 practice areas including Data Protection, Privacy and Cybersecurity.

Bradley-Morris

Bradley-Morris

Bradley-Morris is a leading recruiting firm specializing in transitioning military and veteran talent into civilian careers including Cybersecurity.

Randstad

Randstad

Randstad provide outsourcing, staffing, consulting and workforce solutions in the USA across a wide range of job sectors including IT and cybersecurity.

Hyperwise Ventures

Hyperwise Ventures

Hyperwise Ventures lead seed investments in startups in the cyber security and enterprise software spaces.

Symmetry Systems

Symmetry Systems

Symmetry Systems is a provider of data store and object-level security (DSOS) solutions that give organizations visibility into, and unified access control of, their most valuable data assets.

Tetra Defense

Tetra Defense

Tetra Defense is a leading incident response, cyber risk management and digital forensics firm.

senhasegura

senhasegura

senhasegura is a global Privileged Access Management vendor. Our mission is to eliminate privilege abuse in organizations around the globe and build digital sovereignty.

BaXian Group

BaXian Group

BaXian AG is an international consulting company specializing in IT security, data analytics, risk management and compliance.

Herzing College

Herzing College

Herzing College Ottawa offers an accelerated 12-month Cybersecurity Specialist training program. This program is developed by industry experts and based on leading IT security certifications.

TuxCare

TuxCare

TuxCare make Linux more secure. We take care of Linux so that organizations can use Linux to support environments that require high levels of Cybersecurity, stability, and availability.

Sidcon International Consulting Company

Sidcon International Consulting Company

SIDCON International Consulting Company has been providing consulting services since 2002 for private and public organizations in Ukraine and other countries.

Thunder Shield Security

Thunder Shield Security

Thunder Shield is a professional cyber security service provider of penetration test, source code review and security assessment services.