Cyber-Risk Insurance Update
In the past year, businesses have been applying for cyber-risk insurance at a blistering pace.
At the same time, many of these same businesses are filing claims related to ransomware attacks far more quickly than they, or their insurers, ever expected.
Year-over-year inflation for cyber risk insurance was 110% at the time we published last year’s article. Today, the insurance industry has caught up to the impact of ransomware attacks on their actuarial tables. The cost of cyber-risk insurance appears to be stabilizing with YOY price increases closer to 10%. (Bloomberg)
Does a Small Business Need It?
For small businesses, a cyber-attack may well be the most likely financial liability they will face in the near future, and Cyber-risk insurance is on a trajectory to become as commonplace as any other type of liability insurance. Cybercriminals recognize that smaller size businesses often have weaker cybersecurity defenses compared to large companies. These criminals now have tactical skills that make it cost-efficient to attack small businesses and they are using them on a massive scale. One of the most dangerous tactics being used to this end is called Business Email Compromise (BEC).
Having cyber-risk insurance, allows a business to cover expenses related to investigating and resolving a cyber incident, as well as losses associated with business interruption, data recovery, and legal fees.
Attacks are scary and overwhelming for small business owners. The insurance provider is a motivated and experienced partner in the moment of crisis when a company is dealing with an incident.
Qualifying For It
Cyber-risk insurance is stabilizing because the industry has had to become smarter and far more demanding when it comes to cybersecurity best practices. Many insurance applications now involve a relatively arduous compliance process in order to get the policy.
This means that, especially for smaller companies, compliance with those policies and requirements can be a frustrating and difficult process. They often just don’t have the internal resources to “go-it-alone” when faced with the demands of trying to stay ahead of the cybercriminals. This is where a strong IT services partner makes all the difference.
Sometimes, an insurance provider is making unreasonable demands that a strong IT services partner can spot and push back on as necessary. That being said, most of the time, the insurance underwriter and the IT support advisor are going to be aligned in helping the business to make the right decisions to protect itself.
Assessing Your Situation
Cybersecurity is now integrated into every aspect of a strong IT strategy, essentially because cybersecurity is interwoven into almost every IT project. For example, a company might be looking to upgrade its servers, migrate some resources to the cloud or replace its accounting software – whatever the need might be, security is now apart of the conversation.
We recommend connecting security best practices and the compliance expectations for the insurance underwriters. In other words, learning how to protect the business and implementing the right best practices will mean that applying for cyber-risk insurance will be an easy process.
Last May, EO Advisor published an important article about cyber-risk insurance. The information about compliance is even more important today. Keep reading to learn why this insurance is important for small businesses today and to find out about getting a free Security Assessment from Electronic Office.