Tips for Risk Managers – Choosing a Cyber Insurance Policy
Cyber-attacks and data breaches are amongst the top threats that are usually top of mind for risk managers and the insurers who whelp them. Most risk managers understand that it is no longer a question of “if” but instead “when” their company will experience an incident.
According to a recent IBM report (2015 Cost of Data Breach Study), the per-record cost of a data breach reached $154 in 2015, up 12% from $145 in 2014. Additionally, the average total cost of a single data breach rose 23% to $3.79 million.
In order to secure the best coverage options, companies need to work with their brokers to evaluate policies, as well as take steps to assess their cyber risks and reduce the overall cost of insurance.
3 Tips for Risk Managers – Choosing a Cyber Insurance Policy
Work with your insurance broker
Companies need to properly evaluate policies to ensure they are getting coverage that meets their risk profile. Working with a broker is beneficial as they are knowledgeable regarding risks and exposures presented during security incidents.
Ask smart questions
Do your research when it comes to choosing your insurer for your cyber insurance policy. Asking smart questions will help ensure you select the best coverage for your needs. Some examples of questions your broker should ask insurers include:
- What is the breadth of coverage and what exemptions are in the policy? Do they demonstrate a clear understanding of the real risks this company faces from security threats?
- How much loss experience does the insurer have in this area? Has the insurer paid actual data breach claims and covered other previous, major incidents?
- Does the insurer have specific policies that account for the risks or needs of your organization’s industry?
It is important to cover all the aspects of a response, both pre- and post-breach, and dig into what’s really included and excluded in a potential future loss.
Reduce your risk
- Do your due diligence on your cyber security practices ahead of time. Insures are looking for companies that can demonstrate they have a mature security program in place that reduces the likelihood of an accident.
- Have a well-documented data breach response plan in place.
- Conduct an annual cyber risk assessment.
- Provide details about how your organization holds vendors or other third parties that may have access to your sensitive information accountable.
Ultimately, companies will benefit greatly from cyber insurance if they are informed about security risks, educated on the variety of policies available, and are aware of the coverages they need. Remember, it is your responsibility to be an educated buyer.
HUB International TECHNOLOGY
HUB International TECHNOLOGY is based in Vancouver and focuses on insuring and protecting public and private companies in the technology sector. We offer Risk Management and Loss Control strategies, placing General Liability, Property, Business Interruption, Cyber Liability, along with other coverages for all types of technology companies, including E-Commerce
Original article source: 3 Things to do when looking for cyber insurance