Keeping your organization cyber secure and readied means procuring cyber and data insurance. So how much cyber insurance is enough, and how can you adequately protect your business and clients? Before exploring options with an insurance underwriter, you need to know that there’s no such thing as ‘enough’ and the first prerequisite to coverage is having a solid cybersecurity program in place.

Cyber Insurance Can’t Do It All

Focusing on cyber insurance as a stop-gap to cover losses and cyber-attack claims after the fact may not be the best and most effective tactic. Cyber insurance alone can’t keep you secure because it too is a moving target, just as cyber threats are fluid and magnifying up and down the supply chain.

The best plan is to understand there is always some level of risk, so the goal is to reduce, mitigate or transfer as best as possible to remain resilient – but have insurance coverage to recover losses.

Cyber-Attack Insurance Costs Jump

The evolution of ransomware has radically altered the landscape of cyber insurance and is in crisis. According to the credit rating agency AM Best, ransomware now accounts for 75% of all cyber insurance claims, up from 55% in 2016.

Cybersecurity insurance providers are struggling with the evolving cyber landscape, increasing policy costs and making requirements more stringent. According to an S&P Global Market Intelligence analysis, direct written premiums for standalone cyber policies climbed 28.6% in 2020 to $1.62 billion, according to an S&P Global Market Intelligence analysis.

Risks Rise, Insurance a Must

Providers are opting out of the market, raising premiums, being selective about who and what they will cover (some won’t handle government customers because of escalated risk), and wanting detailed information and a ‘prospectus’ on your cybersecurity programs.

Requirements for insurance coverage are becoming more stringent, and now, underwriters are carefully examining potential insured and making sure they have specific cybersecurity processes in place. If you have a robust cybersecurity program, you will be more prepared when you need cyber insurance and less likely to be denied.

Prepping for the Insurance Talk

In fact, the cybersecurity plan you have at your organization will play an important role in the types of cybersecurity insurance you can attain, how much it costs, and any coverage limits. Tomorrow’s November 30 Defendify webinar at 2 PM EST: The Perfect Storm of Cyber Insurance: How Did it Get So Complicated? can give you strategies on how to stay ahead of cyber-attacks and make sure you have the right mechanisms in place to obtain affordable coverage that matches the needs of your business and customers. Find the details and sign up here.

Cyber Insurance for IT Providers

Cyber insurance companies are pushing prevention by requiring basic controls, such as multifactor authentication, user awareness training, and more. Getting ready to obtain coverage takes a thoughtful strategy tied to in-house cybersecurity testing, protocols, and other programs. Some of the items you need to address as part of your comprehensive cybersecurity solution may include:

• Incident response plans
• Cybersecurity awareness training and assessments
• Policies for employees using company assets offsite

Take a look at our cyber insurance readiness checklist to see if your organization is prepared for working with underwriters to get the right policy at the right price.

Insurance is Part of a Total Solution

Cyber insurance is a critical risk mitigation tool, but it isn’t a standalone measure and requires a thorough and complete process that starts with a solid cybersecurity program. Comprehensive cybersecurity is the best option to obtain insurance coverage and protect your organization from a cyber-attack.

Defendify delivers cybersecurity expertise and support through a single platform that includes streamlined cybersecurity assessments, testing, policies, training, and detection and response in a consolidated and cost-effective solution. When it’s time to talk to an insurance provider, we’ll ensure you’re prepped and ready for a fruitful discussion.

More Resources for Cyber Insurance Readiness:

Webinar: The Perfect Storm of Cyber Insurance: How Did it Get So Complicated?
Blog: Getting Cyber Insurance Policy Coverage: Where to Start
Blog: Why You Could Be Denied Cyber Insurance Policy Coverage
Blog: The Cost of Operating Without Cyber Insurance