We often get asked ‘Why do I need cyber insurance?’. And ‘What level of cyber insurance do I need?’. The obvious answer is that you may hold data that you need to keep your business running smoothly; data that is essential, is sensitive and/or data you hold on behalf of others; data that you want to protect and do not want to be hacked Any interruption to access will have an impact on your day to day running. A poor response damages reputation.
Data safety starts with your team
Good housekeeping amongst a team is a step towards keeping that data safe. Constantly reminding staff, in a nurturing fashion and motivating through support, not fear, will encourage them to do the right thing with data. That might seem glib yet we’re all human. Those who are encouraged to report near misses with data do so! Whilst those who are disciplined following data issues whisper about how unfair it is, even if they’re not supposed to. In turn colleagues won’t confess when things are going wrong because they fear negative consequences.
Don’t make it easy for cyber villains
Cyber criminals are clearly people you don’t want in your systems. But they are the only people to enter them other than your employees and authorised users. Now that we are all connected, even more so than pre-covid, there are many more opportunities for cyber criminals. What is known about criminals is that they don’t care, have no morals and may build empires based on stealing data from others.
Criminals work with criminal colleagues. Believe it or not, they share information, they warn each other and they collaborate to find new ways of doing things. In some respects they are similar to the most successful businesses, in that they adapt and change as soon as they have to or as soon as they find a new way of attracting income. Unlike large businesses, they can move frighteningly quickly, even overnight. There is no structure where the criminal has to refer to compliance – a new way is put into force the next day.
Cyber criminals are hard to stop
When cyber criminals are caught it is usually a significant catch because it takes police so long to get access to a criminal network. When they do, they are very careful about clearing the whole network out in one go. That way, they will get more prosecutions, but also cut the head off at the neck, so to speak! Because arrests are so rare there is little deterrent for criminals to move out of cyber-crime – it’s the other way around because it’s so profitable.
Sadly, the number of criminals is constantly rising. The online risk increases, yet we can all grow to be more vigilant. You might not want cyber insurance, yet the risk is greater than it was years ago. One way to make your overall insurance provide a return on investment is to assess what risks are still worth covering. There are plenty of ways to reduce the risk too.
If buying – the right insurance is key
You might find that you are buying insurance that is no longer realistic or relevant. You want to focus on what’s real today, not what was real a very long two years ago. Rates for cyber insurance are going up, yet so are the costs of the claims that are being paid out. One of the major costs is investigating the issue to find out what actually went wrong because cyber criminals are using brute force and causing havoc when they do get in.
Why do I need cyber insurance?
I would not say anyone needs cyber insurance, yet I definitely think every organisation should at least investigate it. Preferably do this via a broker because off the shelf rarely fits. If only to ensure that they are covering what they need to and not paying for irrelevant cover . If you would like a quick check with us about this click here.
If you haven’t reviewed your insurance you are probably covering things that are not that relevant anymore. Have a review, assess what your current risks are and review this every 3, 6 or 12 months.
Just because insurance policies are for a 12 month duration doesn’t mean your risk reviews should be the same. You can conduct a review when you have the time, and then it should be periodic. A measurement of risk is vital because it allows you to buy what you want, rather than what insurers want to flog.
If you’re new here contact us and tell us if you want insurance tips, new posts, or details of events and promotions that could help you or your network reduce the risks we are facing in todays’ economy.