Please do not leave this page until complete. This can take a few moments.
In its second pulse survey of 2022, international professional services firm PwC cites cyber as the top business risk. But getting a cyber insurance policy can be tricky and costly. As cyber attacks have escalated across every business small and large, cyber policies have followed suit, if you can even find a carrier willing to underwrite one. Thankfully, organizations can follow cyber strategies to arrive at more favorable policy terms and lower premiums.
The rule is simple: The greater the cyber risk, the greater the insurance cost. Conversely, the better your security program, the cheaper your premium and the better your coverage terms. Insurers are risk-averse by nature; the coverage they offer must be directly proportional to the assumed risk.
When it comes to cyber, there’s no shortage of risk factors. These include the size and nature of the business; flaws in systems or processes; unpatched vulnerabilities attackers can exploit; third-party and supply-chain partners not abiding by standard security practices; compliance mandates overlooked or ignored, which can lead to data breaches and class-action lawsuits; social engineering attacks causing users to click on bogus links allowing attackers to bypass even the best security technology. The absence of policies, procedures, planning, tools, and security awareness training can have negative fallout and contribute to cyber risk.
To obtain value from a cyber insurance policy at lower monthly premiums, businesses should undergo a thorough cyber risk assessment to identify weak spots and implement safeguards to reduce risk factors. Insurers come to the table primed with these basic expectations. To make sure the meeting is productive for both parties, a range of security audits need to be tackled upfront for data, vulnerabilities, compliance, third-parties, network, cloud, and application assessments.
Specifically, the discovery and classification of data, its sensitivity, location and security controls; identification and prioritization of security vulnerabilities across the organization; gap analysis against industry-accepted standards or frameworks; identification and prioritization of third-parties based on risk factors; a security posture review of on-premise IT infrastructure, cloud environments and software as a service or third-party applications. Review the level of cyber hygiene and awareness of common social engineering scams among employees. Get buy-in from the top on the direct ties cyber has on business continuity. Preventive measures can be taken by running biannual penetration testing to harden defenses against known attack vectors.
The path is long and not easy but help is available. The consequences of not obtaining a settlement after incurring damages can obviously be devastating. In brief, negotiating a cyber policy for risk coverage requires organizations to present tangible evidence that the business remains resilient and compliant with digital and even physical security best practices.
Stay connected! Every business day, WBJ Daily Report will be delivered to your inbox by noon. It provides a daily update of the area’s most important business news.
Sign upWorcester Business Journal provides the top coverage of news, trends, data, politics and personalities of the Central Mass business community. Get the news and information you need from the award-winning writers at WBJ. Don’t miss out - subscribe today.
SubscribeWorcester Business Journal presents a special commemorative edition celebrating the 300th anniversary of the city of Worcester. This landmark publication covers the city and region’s rich history of growth and innovation.
See Digital EditionStay connected! Every business day, WBJ Daily Report will be delivered to your inbox by noon. It provides a daily update of the area’s most important business news.
Worcester Business Journal provides the top coverage of news, trends, data, politics and personalities of the Central Mass business community. Get the news and information you need from the award-winning writers at WBJ. Don’t miss out - subscribe today.
Worcester Business Journal presents a special commemorative edition celebrating the 300th anniversary of the city of Worcester. This landmark publication covers the city and region’s rich history of growth and innovation.
In order to use this feature, we need some information from you. You can also login or register for a free account.
By clicking submit you are agreeing to our cookie usage and Privacy Policy
Already have an account? Login
Already have an account? Login
Want to create an account? Register
In order to use this feature, we need some information from you. You can also login or register for a free account.
By clicking submit you are agreeing to our cookie usage and Privacy Policy
Already have an account? Login
Already have an account? Login
Want to create an account? Register
This website uses cookies to ensure you get the best experience on our website. Our privacy policy
To ensure the best experience on our website, articles cannot be read without allowing cookies. Please allow cookies to continue reading. Our privacy policy
0 Comments