Cyber Security Insurance – Are you covered?

If, like me, you have been reviewing insurance renewals recently, you will probably have seen the increasing recommendation to protect your business with cyber liability insurance, if you haven’t already taken this cover.  Cyber insurance products have evolved significantly in recent years and offer genuine protection to a business, but you must be sure of your own security controls for the policy to be effective.

Cyber insurance has seen a 50% surge in policy uptakes during 2016 and 2017, with a similar growth rate expected for 2018; driving this growth is the frequency of large cyber-attacks, such as ransomware (350% in 2017).

With more modern business conducted online, the economic impact is also higher.  Modern cyber premiums often cover the cost associated with non-physical acts such as network or system failures, data-breeches, forensic examination, reputation management and business interruption.

With the market size of cyber-insurance increasing, the UK insurance regulator (PRA) has become more involved; consulting on rules of measurement, policy management and how policies are underwritten.  Policy holders must ensure they are mindful of the requirements placed on their business, to ensure compliance with policy terms for cyber risk management.  For example, the expectation that policyholders are cyber-resilient, and that reasonable measures and precautions have been taken to prevent an event occurring, are often a prerequisite for the insurance to be valid; failure to have these measures in place can often be classed as a ‘pre-existing problem’.

Reasonable measures and cyber-resilience start with a standard or baseline.  A resilient approach can be broken down into 4 phases; prepare, absorb, recover and adapt.

There is no silver bullet, no matter how much you spend on cyber security hardware, software and training, all you are doing is lowering the probability of becoming a target, or minimising the damage if you are successfully targeted.  A prepare, absorb, recover and adapt strategy will help to minimise the impact on your business.  If you find that you are the victim of a cyber-attack, a prepare, absorb, recover strategy will allow your business to recover more quickly.

The UK Government’s Cyber Essentials scheme is a great starting point for businesses that don’t have a cyber security standard or strategy.  Cyber Essentials identifies 5 basic technical controls to protect your business.  The scheme is not definitive but does provide an indication of areas that merit further attention within a business.  Should you choose, your business can become accredited in recognition of the security controls in place.  Depending on the nature of your business, some accreditation’s automatically include cyber indemnity of £25,000 for UK small and medium sized organisations.

DCS are an IT business systems provider, specialising in business security audits, scenario planning, recovery and training. By partnering with us you are taking the first step in ensuring that your business has a resilient and robust cyber security strategy in place. We work closely with you to ensure that you have the necessary processes and systems ready, for if you ever are a victim of a cyber-attack.

Learn more about our Cyber Essentials courses here.

 

Related Posts
Making Tax Digital One Year Countdown Starts

April is just a few days away now and that means the first small-scale pilots of the government’s Making Tax digital (MTD) initiative will start rolling out to businesses across the UK. The next 12 month period will see systems and processes related to MTD monitored and no doubt tweaked in order to ensure a...

Read More...
Go bespoke – Enter the Sap Business One fitting room…

At dcs we know that when it comes to business software that makes a real difference to an enterprise there is no such thing as ‘one size fits all’. Every business is different and so therefore, are their requirements when it comes to how the core systems supporting their operation are delivered, set up and function. As a SAP business partner,...

Read More...
SMBs can take Digital Transformation lead, leapfrogging their larger peers

We don’t always think that SMBs have advantages when it comes to leading the way in digital transformation. Large companies have bigger pockets, meaning more investment in new technologies, they also tend to have larger teams, with whole departments dedicated to things like cyber security. But one thing that SMBs have that, generally speaking, larger...

Read More...