Cyber Insurance – You Can’t Stop There


Many organizations have taken the leap into the cyber insurance market over the last few years, not only for peace of mind but also because the industries they operate in expect it.

But most organizations consistently fail to measure their overall cyber risk appropriately, and to understand what they must do to remain compliant with the policy terms.

Beyond that, the process for acquiring cyber insurance is far from straightforward. Carriers now conduct deep-dive assessments of your security posture to determine the risk they take on by issuing a policy. What carriers find during these assessments can determine the policy terms and conditions, as well as your pricing.

At the same time, as threats continue to advance in severity, carriers are continuously changing policy terms and adding exclusions to remove ambiguity on coverage.

Understanding Your Risk

Your organization must consider the value proposition of cyber insurance and what amount of coverage makes sense for you.

In order to make the best decision, you need to take a step back and truly think about the enterprise-level impact of a major cyberattack. It’s important to consider operational losses, while also looking at:

  • The costs of recovery
  • Potential long-term litigation
  • Customer notification/protection (credit monitoring)
  • The true loss due to reputational harm

To learn more about the cost factors of a cyber breach, please refer to our recent blog, Cyberattacks – The True Costs.

You must also understand the type of cyber insurance policy your organization is acquiring. You can choose to purchase policies that are categorized as first-party and/or third-party.

First-party insurance usually covers things like the cost of forensic investigation, fines/penalties because of lost data, financial loss, technology damage, and the cost of notifying affected customers.

Third-party coverage deals with affected parties outside the insured organization. This coverage includes things like legal expenses, damages, settlements, and claims by customers/individuals affected by an attack.

Policy Compliance Challenges

Cyber insurance isn’t a get-it-and-forget-it proposition. Stakeholders at your organization must understand their coverage and continue to be proactive in maintaining a strong cyber security program.

In fact, if your organization does experience a breach, you can expect your carrier to conduct due diligence that validates that you maintained proper cyber security hygiene. This could involve the review of multiple aspects of your program and your actions taken in response to the incident.

Key failures that could lead to partial or complete denial of your claim include:

  • Vulnerability Management – Failure to patch known, published vulnerabilities within your network
  • Privileged User Accounts – Failure to appropriately manage and secure privileged accounts (i.e., lack of multifactor authentication)
  • IR Retainers – Failure to maintain agreed-upon incident response retainers with carrier-approved vendors
  • Incident Response Plans – Failure to create and/or maintain your organization’s cyber incident response plan
  • Incident Notification – Failure to notify the carrier in a timely fashion, or notifying the carrier improperly

Staying Ahead

There is no guarantee that an attack can be prevented, even with a strong cyber security program. The best organizations have implemented a proactive cybersecurity program that delivers risk-based controls that mitigate the likelihood and the impacts of an attack. To do this effectively, it is imperative that the cybersecurity program has the support and full engagement of executive leadership.

How We Can Help

At White Tuque, we believe the first step to protecting your assets is understanding your business and the associated risks. Using an advanced and risk-based approach that adapts to the evolving threat and regulatory landscape, White Tuque can become your trusted cybersecurity and resiliency partner.

To learn more about our services, please reach out to us to schedule a free initial consultation.


Robert D. Stewart

Founder & Head, Strategic Threat Intelligence

Robert is a technology incident and crisis management specialist with over 3200 hours leading critical recoveries and investigations within regulated industries.

Robert has built cyber incident and global crisis processes for the Fusion Centres of two major North American banks. With an extensive focus on operational resiliency, Robert worked as a Global Crisis Management Specialist, leading the technical migration during the pandemic for a multinational financial institution.

Robert is a threat intelligence specialist focused on preventing large scale incidents and attacks before they happen, with unparalleled experience in incident response: 650 critical incidents within the global financial sector leading to the recovery of over 250 unique global financial systems, with 6000 executive communications and briefings issued, and over 200 post-incident reviews.