No matter how well you plan, you’re never really sure about what is going to happen next – and unpredictability can be costly. To protect against medical costs, damage to our homes or businesses, car accidents and other unforeseen events many of us rely on insurance. As cybercrime becomes more prevalent, having a customized cyber insurance policy for your business becomes increasingly important.
If the concept of cybersecurity protection plans is foreign to you, this post will educate you on what they are and why you absolutely need one. We spoke with Micki Wojtysiak, CIC, CLCS and Scott Wojtysiak, CIC, CSRM at Reliable Insurance Agency to understand the importance of cyber insurance.
Cybersecurity Threats are Real
Most businesses don’t realize they are at risk of being hacked or experiencing a data breach. Scott says the majority of the time his job is educating businesses on any vulnerabilities they might have in their IT systems and how insurance can protect them.
Micki and Scott confirm that the top threats for businesses are cyber extortion and phishing scams. With cyber extortion, hackers may threaten a data breach or virus unless the company pays a ransom. There is, of course, no guarantee that you’ll get your data back if you pay. Phishing scams may include things like a fake invoice being sent to an employee in the accounting department who thinks it’s legitimate and pays it.
Are You at Risk?
Scott says cyber extortion threatens all industries – from education to retail. You may think it won’t happen to your business, but that’s what companies like the one in this example thought.
Scott told us the story of an educational institution that declined cyber insurance coverage. A year later, it experienced a ransomware attack and had to bring in external resources to rebuild the system from scratch. Unfortunately, it couldn’t restore the lost data. Needless to say, the company added coverage after that.
Wondering if you’re at risk? Do you …
- Communicate by email?
- Do any purchasing online?
- Communicate with vendors online?
If you answered yes to any of the above, you have a cyber exposure. It’s up to you to purchase protection plans for your business to be prepared in case it happens to you.
Don’t Rely on Generic Cybersecurity Protection Plans
If you are ready to rush out and buy the first cyber insurance plan you can find, keep reading. There are a variety of protection plans, and it’s important to understand the differences.
Scott likens package carriers to going to McDonald’s for a quick and easy burger. It’s an out-of-the-box insurance plan that is mass-produced for thousands of other businesses, just like those burgers. It doesn’t give broad coverage or take your specific needs into consideration.
On the other hand, Micki explains that carriers specializing in cyber liability are like family-style restaurants where you can order à la carte dishes. Everyone has a different level of risk, each industry has different compliance requirements (PCI, HIPPA) and every company needs specialized coverage for exposure. You can better customize your needs with this type of cybersecurity policy.
Knowing the difference between these types of insurance plans can help you decide which is best for your company’s needs.
Finding the Policy That Works for You
As you start looking for the right policy, insurance companies will ask about the controls you currently have in place to evaluate IT risks. You may not know what those are, so work with a managed service provider like KLH to understand your risks, add controls and cover gaps revealed during the insurance company’s discovery process.
KLH offers complimentary IT Security & Performance Assessments which can help you identify vulnerability gaps and better frame your “exposure” conversation with your cyber insurance provider. Keep in mind: working with a managed service provider like KLH is not the same as having insurance coverage. If you’re breached, you’ll need both to minimize the impact on your company. Contact us today to start discussing the risks you face and the next steps you should take to ensure your company is protected.