Cyber Insurance

Imagine the first insurer trying to convince the importance of insurance, now it seems that insurance is an integral part of our lives whether its health, our valuables, travel or even 3rd party insurance. Cyber insurance is not different, it is imperative to keep business continuity in case of a cyberattack as the results could be deadly for small and medium-sized businesses.
Cyber insurance is a relatively new product compared to other types of insurance. Business owners may not fully understand what it covers, how claims work, and its overall benefits.
Cyber insurance is not an option, it’s a must!

The staggering statistics prove that a cyberattack will happen, the question is when?

What is cyber insurance?

Like any other insurance, cyber insurance is all about business continuity. If your business undergoes a cyberattack, heaving cyber insurance will supply a financial lifeline for the business to continue its operations and activities.
There might be misconceptions about the necessity of cyber insurance. Some business owners might believe that only large corporations are targets for cyberattacks, while in reality, small to medium enterprises are frequently targeted due to their often-weaker cybersecurity infrastructure.
There are no uniform policies and definition of the term cyber insurance. Cyber insurance is insurance that can cover direct or indirect damage that you incur to or through digital components of your company; A viable example is the case of falling victim to Ransomware.
Different insurers use different definitions to cyber insurance and its coverage, it is important that as a business owner you are aware of the conditions of the insurer, the coverage, the services, and that premiums differ between insurers

What are the business direct cyber risks?

Business continuity – A cyber attack can bring a whole business to a holt, 60% of small businesses that had a cyberattack, went out of business within 6 months
Penalties – Those can come from inability to deliver (goods, services, payments and more)
Recovery costs – getting back online can have significant costs

What are the business indirect cyber risks?

Reputation – if a business is not secure and leaks data, or if a business is not able to deliver goods and services, its reputation might be damages
These can lead to:
- Customers loss
- Bankruptcy

Having cyber insurance can help in responding properly and on-time, avoiding higher payouts and unnecessary escalation

What are the “must haves” security measures for being insurable?

The insured is either the parent company or fully in charge of its own business without IT and/or data connectivity with others
2 factor / multi-factor authentication for
- Remote employees (work from home)
- IT providers who remotely control KA and OT
- SaaS applications containing sensitive data
Awareness training in the field of cyber security and privacy
Access to backups as much as possible ransomware proof + test restore regularly
Policies and time frames of when critical updates are implemented + implementation monitoring (in accordance with Common Vulnerability Scoring System)
Business Continuity Management Plan

should haves:

Incident Response Plan
Disaster Recovery Plan
Endpoint detection and response – preferably with an MSSP service – this may become a “must have”
Normal users are not local admin and unique local admin password per device
Is stored data on mobile devices encrypted?
Geographic and IT/OT segmentation

Disclaimer – Magic Stone cyber security is not an insurer and does not offer cyber insurance! This cyber insurance page is about the importance of business cyber insurance and its purpose is information only.
Interested in Cyber insurance?
Ask us, we can refer you to cyber insurance brokers