A recent industry report determined that cyber incidents are the largest risk in determining the survival of a business. Cyber incidents can be found in a variety of forms such as cybercrime, IT outages and data breaches. One thing they all have in common, though, is the potential to damage both the bottom line and the reputation of a company.
A layered cyber security strategy will often deter, or at least slow down, a cybercriminal. But what if that’s not enough and a data breach or ransomware event occurs? Cyber liability insurance could help you get back to day-to-day operations faster.
In an episode of Elevity’s Focus on Outcomes podcast, we spoke with Matt Thomson, Director of Cyber Liability at M3 Insurance, to learn more about cyber insurance and its value for businesses.
Here’s an overview of what we discussed:
- What Is Cyber Liability Insurance?
- When Do Cyber Incidents Happen?
- Why Do Minutes Matter When a Cyber Incident Occurs?
- What Is the Role of Cyber Insurance in Your Incident Response Plan?
- How Much Does Cyber Insurance Cost?
Being prepared for a worst-day scenario could very well allow your organization to survive and continue business operations after a cyber incident.
What Is Cyber Liability Insurance?
Cyber liability insurance is a class of insurance intended to protect both individuals and businesses from internet-based risks, such as cyberthreats or other data breaches, as well as losses resulting from problems with IT infrastructure.
A licensed insurance broker will facilitate a discussion with a client company (and sometimes their Managed IT partner, too) about their needs and potential risks. This information will aid in constructing a cyber insurance policy and, sometimes, identify cyber security gaps that may need to be addressed.
A cyber insurance policy will help ensure that the client company is financially compensated if they are unfortunately involved in a cyber incident. A skilled insurance broker with experience in cyber liability insurance will benefit any business, as the broker will walk a client through each step in the process to make sure that coverage is appropriate. This is especially valuable for companies that have never experienced a cyber incident.
When Do Cyber Incidents Happen?
We’ve found that cybercriminals rarely take a day off. In fact, it’s often during the most inconvenient times that they’ll launch an attack – like evenings, weekends and holidays.
Here are a couple of examples that were noted in the podcast:
While at a family holiday party, Thomson received a cybersecurity alert from a client that had suffered a ransomware incident. He logged on for a consultation and quickly addressed the client’s immediate legal and forensics needs. He’s found that cybercriminals especially like to attack during non-business hours.
Cybercriminals also tend to exploit hectic times when they hope a client is too busy to pause, consider and verify before clicking on a message or entering their log-in credentials into an app. This happened to a business client who fell victim to a social engineering scam. The client was in the middle of a large construction project and unknowingly paid a cybercriminal, posing as a construction subcontractor, over $2 million. Luckily, cybercriminals can often be lazy. In this instance, the FBI traced the money to a U.S. bank account, caught the cybercriminals and returned the stolen money. Had the money been quickly transferred to an offshore account instead of spending weeks in a stateside bank, the client may not have been as fortunate.
Why Do Minutes Matter When a Cyber Incident Occurs?
Elevity has experienced similar client stories. While a layered cybersecurity approach is a best practice, we’ve noticed that SIEM/SOC solutions have often saved the day by identifying data anomalies and sending an alert while an attack is still in the early stages.
Minutes matter during a cyber incident: the earlier an incident is detected, the better the chances of shutting down the attack and limiting the damage that could be done.
Here’s an example: An Elevity client’s well-meaning employee had unfortunately ignored multiple spoofing warnings from the company’s cybersecurity solutions. Unknowingly, they’d given a cybercriminal access to their user account. The company’s SIEM solution noticed that Outlook email rules were being changed and sent an alert. Elevity investigated the incident and found that the cybercriminal had used the employee’s account to initiate a wire transfer for a large sum of money. Because this was caught early, the client was able to stop the wire transfer before it went through.
What Is the Role of Cyber Insurance in Your Incident Response Plan?
For small and medium-sized businesses (SMBs), it’s important to understand what your cyber insurance policy covers. Typically, your insurance carrier will give you access to a breach coach – a lawyer who specializes in data privacy and breach notification. They’ll assist in shielding you from any potential litigation. A digital forensics incident response team will also review data and determine answers to questions, such as:
- How did the cybercriminals get in?
- What data did they potentially steal?
- Which systems did they access?
In general, your cybersecurity incident response plan will need to cover not only the processes, but also the people who’ll be a part of the response and what their roles will be. You’ll need to know which internal staff will be in charge of making decisions, and which external experts will need to be leveraged in order to stop the attack and rebuild.
How Much Does Cyber Insurance Cost?
Each insurance carrier calculates cyber insurance differently, so it’s a good idea to know all of the factors being used to calculate your cost. Some of these factors you may have control over, and others you won’t.
For instance, having more layers of cybersecurity may mean a lower price when purchasing cyber insurance. However, businesses in highly targeted industries such as healthcare, legal and finance may have higher risk and therefore more costly cyber insurance.
Want to unlock the best rates? Having a SIEM/SOC solution is an excellent start.
Proactive Cybersecurity Services
Looking to up your cybersecurity game? Contact the experts at Elevity. Our Technology360 Analysis will give you a clearer understanding of your specific needs and we’ll help you construct a roadmap toward a more effective cybersecurity plan.