Cyber insurance is back in the news, as several cities hit with ransomware recently turned to their insurance carriers for ransom payments.
Can you assume that all you have to do is buy insurance and be done with it?
Well, as they say in insurance, that’s pretty risky.
As we noted back in our December 2018 newsletter, cyber insurance policies come in all flavors, and they cover different things. Some policies cover network penetrations, for example, but not a loss from a phishing attack. Other areas where coverage can vary are recovery costs, forensics work, equipment replacement, and, of course, ransom payments.
Just because a city used insurance money to pay $600,000 for a ransomware demand doesn’t mean your policy provides this coverage to you. What’s more, you need to be sure your policies cover what you really need covered.
You can’t assume insurance will make you whole in a breach. If you want to be sure your organization is protected, we recommend the following steps:
1. Get a Risk Assessment. Use an independent, third-party organization, such as ImageQuest, to get an objective, accurate assessment of what you need coverage for if your systems are breached.
2. Have an expert review your cyber policies to check the coverage – and to make sure your organization hews to its requirements for security measures. A second opinion will either put your mind at ease – or reveal gaps in coverage that could hurt your business.
It doesn’t hurt to also have the following in place to get your business better premiums:
1. Have reliable backups. Make sure you’re backing up frequently enough with a useable recovery copy to continue business if attacked.
2. Consistently apply prompt patching and updates. And make sure you’re using software the manufacturer still supports with updates, too! Reminder: Microsoft will stop supporting Windows 7 on Jan. 14.
3. Train your employees – and keep training them – on proper cybersecurity measures to stop attacks. This includes teaching your team to be skeptical, to avoid clicking on dangerous links, and above all, to double-check when emails seem questionable, ask for credentials, or seek money in some way. You should also train them on what to do if they suspect malware on their workstation.
4. Have a tested disaster recovery plan. Your team is human, and mistakes will happen. Having a plan you’ve rehearsed can get you back to work and on the path to recovery faster – and less expensively.
Cyber attacks will continue unabated in 2020. They can be relentless – and they can be devastating to businesses. Best to make sure your insurance has your back now.
We are happy to help – contact us today for a conversation to learn more!