Cyber incidents are on the rise, and the threats faced by businesses increase with each passing year. At the same time, attacks have become more sophisticated and have greater reach.
Currently, a Log4j vulnerability is severely affecting the internet and putting companies of all sizes across the world in crisis mode. Bad actors have made millions of attempts to exploit the vulnerability, which allows remote attackers to take control of computers.
Businesses have consistently ranked cyber incidents as one of their top concerns. The 11th annual Allianz Risk Barometer recently came out and the number one business risk is — you guessed it, cyber incidents.
How does a company protect itself from these never-ending threats?
Unfortunately, there is no single solution. Rather, it is a puzzle comprised of various pieces such as vulnerability management, pentesting, data protection, access management, and cyber insurance. The latter, which is an important component of an overall cyber security portfolio, is what I will touch on.
Before an organization can fully implement cyber insurance, certain measures need to be in place. These vary from insurer to insurer; however, common items include:
- Firewalls and antimalware software are used, checked, and updated
- Regulated/automated process for updates, patches, and service packs
- Backup creation and retention processes are in place and recovery tests are performed at least once a year
With the requirements in place, what exactly does cyber insurance do?
Simply put, it is there as a reactive measure in the event of cyber-incident loss. Mainly, the policy provides first-party and third-party financial loss coverage.
To be more specific, the insurance should cover:
- Costs for the restoration of the data and the functionality of your systems
- Costs and loss of profit for any resulting business interruption
- Costs of informing customers about the loss of data
- Financial losses to third parties
In addition to the features above, another crucial element is crisis and reputation management. The insurer should provide a forensic team to investigate and resolve an incident. Additionally, there should be specialists available to manage any potential damage to your reputation.
What should happen when a company experiences a cyber incident?
When a company is the victim of an incident, it needs to address the situation and inform affected parties as soon as possible. Ignoring or trying to hide it can have negative repercussions, especially if the press makes an announcement before the company has a chance to.
What are some of the most common mistakes companies make with cyber insurance?
A common mistake is obtaining cyber insurance coverage and then never looking at it again. It’s of utmost importance to work with an insurance partner that reviews the program at least once a year in order to ensure the coverage matches the risks and exposures.
Lastly, to stay one step ahead, be proactive and contact your insurance provider if:
- You take on more clients and/or partners
- You have an uptick in the number of data sets
- You start handling more sensitive information
Learn more about how cyber insurance and pentesting can help build a proactive approach to security with Early & Often: The Benefits of Continuous Pentesting & Cyber Security Programs.