In case you haven’t heard, cyber risk is now seen as the most important business risk in 2020. Companies of all sizes and industries are facing a number of challenges that include larger and more costly data breaches, ever more ransomware incidents and the increasing rate of litigation that occurs after an incident. [1]
In today’s interconnected, always on digital age, our data is everywhere, making it possible for even the likes of Facebook, Microsoft, CapitalOne, Fortnite and the many others who got hacked in 2019. The aforementioned recognizable brands seemingly spend hundreds of thousands, and in some cases, millions of dollars every year to protect their systems. If their systems can be breached, it’s safe to say that the probability of a cyber incident happening to a company with a lesser known brand or cyber security budget is pretty high, and the impacts can be even more devastating.
Cyber risk continues to evolve, and with many new technologies on the way, it will remain in the forefront for the unforeseeable future. This is why all companies and organizations today must prepare for the worst, then hope for the best and make sure its ready for a cyber disaster.
Those that proactively take the steps ahead of time to adopt a comprehensive risk of both high and low-tech strategies for combating cyber threats [2] and have an incident response plan in place to respond to an incident will be in a much more favorable position. Especially when it will be judged by all the parties involved in the incident (clients, customers, third-party vendors, etc), regulators and the public at large.
Indeed, it is far better to be prepared when there’s a heightened chance that an incident can happen at any time, versus being unprepared and approaching an incident with an ad hoc response that can lead to the downfall of your reputation. Why take that chance? There are certainly many companies and organizations today that are still unprepared and find themselves in that exact position, and attempt to navigate their response by piecing and patching together an emergency response. Why risk your reputation that way? Why respond to an incident that way?
Besides causing great damage to your company’s brand and reputation, another big side effect are that the financial costs to respond to an incident can be exorbitant. These costs include the remediation costs, attorney defense costs, loss of revenue, business interruption costs, litigation expenses, compliance fines/penalties, stolen data or money, data restoration services, etc.
Cyber insurance can be your company or organization’s best response strategy when a cyber related or data security failure incident occurs. Based on a recent survey, buyers want their cyber insurance policy to be able to respond to a business interruption and data breach. [3] Most cyber insurance policies today can respond to both. Though you will want to check the fine print to understand exactly how and when coverage is triggered and what terms and conditions may apply.
Indeed, cyber insurance continues to evolve as insurance carriers are cautiously mindful of the constant threats and new technologies that bring along new and ever more risk. This makes for the ideal time to make sure your company or organization has cyber insurance coverage in place -and- the right cyber insurance policy is crucial.
In addition, in order for cyber insurance to remain sustainable, insurance carriers are increasingly considering making changes that may curtail some of the coverage limits, such as cyber extortion. Companies and organizations should also expect to see cyber insurance premiums begin to increase this year. While it has been a buyer’s market for the past several years, we knew this was subject to change at some point and the pendulum has already started moving towards the carrier’s side.
We’re here to help you with the purchase of your cyber insurance policy. As experienced cyber insurance brokers, we can help your company or organization obtain multiple cyber insurance quotes and help make sense of the various coverage offerings.
[1] Allianz 2020 Risk Barometer
[2} CNBC, Cyberattacks now cost companies $200,000 on average, putting many out of business – https://www.cnbc.com/2019/10/13/cyberattacks-cost-small-companies-200k-putting-many-out-of-business.html
[3] Advisen, Information Security and Cyber Risk Management , October 2019