One of the biggest threats that all businesses and institutions must take into account is the possibility of a cyberattack. Data breaches, ransomware, and other types of attacks can be devastating to a business and result in large losses, suspension of operations, lawsuits from clients and customers, and even the closure of a business.
Every business and institution should have some cybersecurity measures in place to help protect against threats like ransomware and data breaches. Businesses can also take the extra step of getting cyber insurance to cover losses incurred from a cyberattack. Cyber insurance can protect businesses and institutions from major losses and help keep them in operation after falling victim to an attack. However, cyber insurance policies are not simply handed out; businesses have to meet the right requirements to qualify for coverage.
In this guide, we will cover what cyber insurance is, how it protects your business or institution, and what you need to do to qualify for cyber insurance coverage. At PSM Partners, we are cybersecurity experts that can help protect businesses and institutions from cyberattacks and ensure that they have the right protections in place to qualify for cyber insurance.
What is Cyber Insurance?
Cyber insurance covers the costs and losses that follow a cyberattack, such as a data breach or ransomware incident, including customer lawsuits that result from the attack. Unwanted incidents that may be covered by cybersecurity insurance include the following:
- Data breaches
- Ransomware losses or payment
- Server malfunction resulting in downtime
- Network damage
Cybersecurity insurance is a relatively new type of insurance that was developed in response to the increase in cyberattacks. There was a 70 percent increase in cybercrime between 2019 and 2021, and cyberattacks have caused approximately $6 trillion in total damages. This trend is expected to continue, making it very important for businesses and institutions to get cyber insurance coverage.
The costs covered by a typical cyber insurance policy include investigation and documentation of the attack, hardware repairs, data recovery, PR damage control, crisis management, notifying regulatory bodies and customers, and more.
Who Should Get Cyber Insurance?
Any business or institution that stores sensitive data from its clients, customers, and partners and/or conducts electronic transactions should seriously consider cyber insurance. Businesses and institutions in regulated industries like finance and healthcare may be required to have cybersecurity insurance. Even small and medium-sized businesses can fall victim to cybercrime and could benefit from a cyber insurance policy.
Cyberattacks can be costly to businesses due to the losses caused by the attack and the money it takes to recover. The losses can be especially harmful to small businesses. The protection provided by cyber insurance can save your business when such an attack occurs.
What Does Cybersecurity Insurance Cover?
It is important for businesses and institutions to know what type of cybercrimes and losses their cyber insurance policies will cover. The main cyber insurance claims fall under one of these four categories:
1. Data Breaches
Data breaches are a common type of cyberattack because cyber criminals are always interested in sensitive personally identifiable information (PII). When a data breach occurs, this information can be compromised or lost. Insurance coverage for data breaches includes the following:
- Solutions for identity recovery
- Income and wage losses
- Crisis management expenses
- Public relations expenses
- Forensic investigations
- Regulatory penalties and fines
- Mental health counseling for customers and employees
2. Ransomware
Ransomware attacks lock up your systems, and the criminals responsible demand a payment for the restoration of your systems and data. Even if you pay the ransom, there is no guarantee that you will get your data back. These attacks may require extensive downtime while your systems are repaired and restored.
Cyber insurance can cover the following related to ransomware attacks:
- Ransom payments
- System failure recovery
- Data restoration and recreation
- Forensic accounting solutions
- Business loss and fallback plan
3. Payment Fraud
Payment fraud occurs when employees are tricked into sending money to fraudulent accounts or sharing sensitive information. It also includes hacking in which funds are stolen directly. Cyber insurance provides first-party coverage for the following types of payment fraud:
- Computer fraud
- Telecommunications fraud
- Misdirected payment fraud
4. Third Party Liability
Third party liability coverage pays for expenses from liability lawsuits, including:
- Network security liability
- Electronic media liability
- Trademark and copyright infringement
- Violations of privacy rights
- Unintended defamation
- Support for public relations expenses including informing those affected and restoring business reputation
Qualifying for Cybersecurity Insurance
The frequency of cyberattacks puts cyber insurance into the high-risk category. Providers of cyber insurance understand that any business can be affected by a cyberattack at any time, which can lead to expensive claims. Therefore, cyber insurance providers will not cover businesses and institutions that do not take effective cybersecurity measures to protect themselves from cyberattacks.
Underwriters for cyber insurance providers will examine the risk profiles and cyber hygiene of businesses and institutions that apply. Businesses and institutions that have effective cybersecurity measures in place are more likely to be approved since these actions lower their risk profile.
The following are the basic cybersecurity requirements that businesses and institutions must meet to qualify for cyber insurance:
1. Multifactor Authentication (MFA)
Multifactor authentication (MFA) adds a second step to password login: after entering the password, the user must also supply an authentication code delivered through an authenticator app or mobile device. Setting up MFA is recommended for remote users and for accounts with admin or escalated privileges.
All passwords, including strong passwords, are vulnerable to cyberattacks, especially when the same password is reused by multiple users or across multiple websites. MFA requires users to verify their identity a second way after entering the password, using a code that expires shortly after it is sent. Setting up MFA does not make your accounts immune to cyberattacks, but it has been shown to be effective in preventing unauthorized access.
Businesses and institutions must have MFA in place for network access and important accounts to qualify for cyber insurance.
Learn more: What is the best MFA method for your business?
2. Email Filtering
Scam emails are a very common form of phishing. These messages may include links or attachments that install malware or other malicious content. Your business or institution should use email filtering to help identify possible scam emails so they can be deleted right away.
3. Backups and Recovery
Your business or institution should back up everything, including sensitive data, software programs, and more. You must make sure that your backups work, are secured, and are protected with MFA. In addition, you will want to ensure that you have immutable copies of the backups. The following tips will help ensure that your backups are secure:
- Encrypt all backups
- Set up incremental backups at regular intervals as well as occasional full backups
- Keep backups separated from your network
- Establish a data restoration testing schedule to ensure your backups are effective
- Consider using more resilient media such as magnetic tape and optical media
4. Up-to-date Antivirus Software
All computers and other devices within your network should be protected with up-to-date antivirus software. Install antivirus software on any computers that do not have it, and update the software whenever necessary for the best protection.
5. Documented Incident Response Plan
All businesses and institutions should have a documented, detailed incident response (IR) plan that can be put into action as soon as an incident occurs. When an incident occurs, you are responsible for responding to it and for communicating with your team, clients, customers, the media, other organizations, and anyone else who may be affected so they know what happened.
Your incident response plan should include the following:
- Identification of the incident and quick response
- Tools and resources that can help with the response
- Clearly defined roles and responsibilities for your team members in case of an incident
- Complete IR plan that includes detection and analysis of the threat
- Containment and elimination of the threat
- Full disaster recovery plan
This plan should be tested to ensure that your business or institution can effectively respond to a cybersecurity incident.
To learn more, check out our article on How to Create an Incident Response Plan.
6. Privileged Access Management (PAM)
Administrator and privileged accounts must be secured more heavily than general user accounts within your network. Make sure that only select users, such as network administrators and IT professionals, are allowed to access privileged accounts and perform the tasks that require them. Even those with access should log in to a privileged account only when carrying out tasks that need it, and they should use a standard account for all other work.
7. Endpoint Detection and Response (EDR)
Employees may use many devices to access your network, including desktop and laptop computers and mobile devices like smartphones and tablets. Businesses and institutions must account for every device that is used to access their network.
Endpoint detection and response (EDR) is the practice of monitoring connected devices and collecting data from them, including their location, their installed software, and whether a device is used to download or install software. EDR helps you prevent access from unauthorized devices and respond to incidents that require remote wiping or forensics.
8. Employee Training
The majority of cybersecurity incidents within businesses and institutions are caused by employee behavior. While criminal activity by employees accounts for some of these incidents, most are caused by employee negligence or the theft of login credentials.
Businesses and institutions must train their employees to protect their login information, identify possible threats like phishing emails, and always be vigilant to avoid incidents caused by mistakes or negligence.
9. Third Party Vendor Security
Many businesses and institutions work with third party vendors that provide a service that is part of their IT environment. If one of these third party vendors has a cybersecurity incident within its system, the incident can easily affect your system as well.
Businesses and institutions must make sure that all third parties they work with have effective security measures in place that will prevent you from being exposed to incidents that occur within their systems. Being aware of the measures they take helps when applying for cyber insurance. There are also measures you can take on your end to protect your network from third party cybersecurity risks.
Cybersecurity Services from PSM
If you want to protect your business or institution from cybersecurity threats with cyber insurance, taking the actions described above will help you qualify and get approved for coverage. Just about every business and institution is vulnerable to cyberattacks at any time, and cyber insurance providers want to make sure that the businesses they insure are doing everything they can on their end to protect themselves and lower their risk.
Some businesses or institutions may not have the expertise or the staff to put effective cybersecurity measures in place to qualify for cyber insurance. If you need help improving your cyber hygiene, our professionals at PSM can help. We provide cybersecurity services in which we identify vulnerabilities and implement security measures to keep your network protected against cyberattacks like ransomware and data breaches. With our cybersecurity services, your business or institution will be in compliance with the requirements for cyber insurance so that you can qualify for coverage.
Give PSM a call at (312) 940-7830 for more about our cybersecurity services.