By now, you have likely heard of cyber insurance. With the cybercrime incidents rising, cyber insurance is increasingly becoming a necessity for survival. Here are a few things to consider before you purchase a cyber insurance policy.
First, perform an internal risk analysis. Research to understand what kind of cybercrimes are most common in your industry and ensure your insurance policy covers those. As we discussed before, the most basic type of cyber insurance covers data breach and associated costs, but you definitely want more than just that.
What is the scope of your policy
Be clear about the scope of your policy before you sign the dotted line. Remember that cyber insurance functions on the same principles and policies as any other insurance, which means there will be deductibles, waiting periods and exclusions. Be sure to ask your insurance service provider about them. You don’t want to find out you weren’t covered for something until after the attack, at the time of claim. Here are a few things to ask your insurance company in this regard:
- Does the policy cover you if a breach happens via your sub-contractor or vendor and makes you liable to your clients? If your cyber insurance doesn’t cover incidents such as these, then make sure your vendors and sub-contractors have cyber insurance to cover you or sign some kind of an indemnity contract with them so you are covered in the event of such incidents.
- In the case of an employee misstep, such as clicking on a fraudulent link or sharing data to a dubious email or phone contact, will you still be covered? (Are you training your employees to avoid these pitfalls?)
- Ask your insurance provider to clearly spell out any deductibles, exclusions and time windows that may exist.
- Confirm what your liabilities would be as the insured. For example, there may be requirements regarding antivirus measures, data safety and security measures, IT training, timely data backups and IT audits, that you may have to follow in order to be eligible to be covered under the insurance in the event of a breach
Before you sign up, do your research thoroughly, get proposals from multiple insurance service providers and opt for a policy that covers your needs the best. Sometimes, service providers may be willing to make additions or modifications to an existing policy to meet your exact requirements, which may work best for you.