Cyber and Data, Cyber Crime, Cyber Recovery, Cyber Liability. It's all the same thing - we just call it Cyber Insurance.
As digital technologies accelerate, so do cyber risks. Businesses of all sizes rely on I.T. to some degree, not just in terms of their operating systems but also in phones systems and in the case of retail Point Of Sale systems.
Risks range from hacking, malicious attacks, stolen laptops and subsequent data. Employee negligence and damaged systems have an equally damaging impact on businesses too.
What Does It Cover?
With greater numbers of insurers offering an insurance solution covers can vary widely from insurer to insurer. Cyber insurance can provide cover in respect of:
- Losses relating to damage to, or loss of information from, IT systems and networks.
- Significant assistance with and management of the incident itself, which can be essential when faced with reputational damage or regulatory enforcement.
- Loss or damage to digital assets such as data or software programmes.
- Business interruption from network downtime.
- Cyber exhortation where third parties threaten to damage or release data if money is not paid to them.
- Customer notification expenses when there is a legal or regulatory requirement to notify them of a security or privacy breach.
- Damage to reputation from breach of data that results in loss of intellectual property or customers.
- Theft of money or digital assets through theft of equipment or electronic theft.
- Third-party insurance covers the assets of others, typically your customers.
How To Manage Your Cyber Risk
As well as insurance, it is important for clients to manage their own cyber risks as a business. This includes:
- Risk assessment of your organisation's Cyber threats.
- Remove or disable unnecessary functionality from your IT systems, and keep them patched against known vulnerabilities.
- Monitor traffic for unusual or malicious incoming and outgoing activity that could indicate an attack (or attempted attack).
- Restrict users privileges only to those required to perform their role.
- Enable an I.T. security policy that describe acceptable and secure use of your business's systems.
- Produce an incident response and business recovery policy that addresses the full range of incidents that can occur.
- Produce company policies that address business processes such as internet use, email, removable media (such as memory sticks), that are vulnerable to malware.
- Provide training for mobile users in the secure use of their mobile devices.
In the event of a cyber breach, cyber insurance can make the recovery process far easier. Many insurers include crisis containment and technical assistance as part of the insurance policy so in the event of a breach best advice is to get in touch with them as soon as possible.