In the not so distant past, the term cyber insurance was about as foreign a concept as anything in business. After all, businesses had general liability policies, error and omissions policies, and other coverage, so why cyber insurance? Fast forward to 2019 and cyber insurance has now become an essential safeguard in the world of information security.
“The prevalence of high-profile breaches over the past year is only accelerating the process of companies investigating cyber-insurance,” according to Michael Bruemmer, vice president at Experian Data Breach Resolution, noting that more of Experian’s clients are opting for cyber-insurance than ever before. “The greater awareness and interest in cyber-insurance started about two years ago, but certainly this has accelerated because of the recent large breaches.”
Here are some expert tips when looking to obtain cybersecurity insurance for your business, as noted by bankinfosecurity.com:
Look for Retroactive Coverage: Breaches can lurk for weeks, months, even years, before they are found, so it’s important to have a cybersecurity policy that provides such coverage. There are policies that extend back as far as 10 years, according to insurance expert Gregory Podolak, at Saxe Doernberger & Vita law firm.
Choosing Vendors and Legal Counsel: Sean Hoar, member of the privacy and security team at the law firm Davis Wright Tremaine LLP, cautions policy holders when it comes to choosing their vendors and legal counsel, if a breach occurs. “I have had a number of existing clients who didn’t realize their cyber-insurance policy limited their choice of legal representation,” he says.
“They were shocked and disappointed to find they had to engage unknown third-party counsel or pay out of pocket for all legal services related to the data breach or compromise.” Furthermore, Hoar notes that “When drafting the policy, organizations should ensure they have the right to select the forensics organizations, advisers and public relations firms they want as well, Berk says. “You want to be able to select your vendors.”
Get Coverage for Employee-owned Devices: Because employers generally allow employees to use their own devices (i.e., laptops, home computers, cell phones, tablets, etc.) for work, make sure your cybersecurity policy covers breaches related to such devices. According to Lon Berk, a partner at the law firm Hunton & Williams, “You don’t want the definition of a computer system [in the policy] to just be a computer system owned by the organization, because [employee owned] devices might [be the cause of the breach].”
Word to the wise – not all cyber insurance is the same, so make sure you find policies that will cover SPECIFIC instances relating to cybersecurity, such as data breaches, insider attacks, and other growing threats. Going cheap on cybersecurity can cost you – big time – so buyer beware.
Charles has helped thousands of businesses throughout the world in designing and implementing a wide-range of information technology & cybersecurity solutions. And he’s helped these very businesses grow by identifying their niche, launching new services, and ultimately obtaining a true competitive advantage in the marketplace.
Charles works with CEO’s, entrepreneurs, business owners – anyone with a true passion for securing & growing their company in today’s challenging & complex business arena. Charles also consults regularly with top political and business leaders including former Vice Presidents of the United States, Secretaries of State, ambassadors, high-ranking intelligence officials, CEO’s, entrepreneurs, civic leaders, and others. Learn more at charlesdenyer.com.