Preventing cyber-crime is a top priority, and for good reason: the threat level is higher than ever. According to Varonis, data breaches exposed 36 billion records in the first half of 2020. While partnering with a Managed Services Provider (MSP) can help enhance cybersecurity, no network should ever be assumed 100% secure. Cybersecurity insurance is an important part of any business continuity plan, offering protection against claims resulting from a data breach. This coverage also protects against financial loss as well as business interruption. Read on to learn more about cybersecurity insurance and why your business needs to have it.
Claims resulting from a data breach
A data breach can expose sensitive information about employees, clients, and third parties such as suppliers and vendors. Depending on the severity of the breach, you may be required to cover damages.
The global average cost of a data breach is $3.86 million. If you have cybersecurity insurance some of the incurred costs can be covered, including legal fees, remediation, and damages. Insurance companies will often also include advanced cybersecurity teams to assist with the breach. Without insurance, hiring a firm to perform forensic analysis and response can be very expensive.
Coverage can be quite different from company to company, so make sure that you thoroughly understand your policy ahead of time.
Business interruption coverage
Certain types of cybersecurity incidents can directly impact your finances. For example, your bank accounts could be compromised or access to critical systems or equipment could be shut down, halting business operations directly. These types of scenarios can cripple a business and take months (or even years) to resolve, if at all. 40% of businesses fail to reopen after a business interruption and 90% of businesses fail less than two years after being struck by a disaster.
Cybersecurity insurance can help cover some of the losses, provide funds, and get your business back online.
In 2018, there was a new addendum to Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). There was also an update to the European Union’s General Data Privacy Regulation (GDPR), which also impacts Canadian businesses if they store or process information for European citizens.
Essentially, these compliance updates increase the risk of punitive measures and fines. Fines can be up to $100,000 per violation- something your business may not be able to recover from on its own. Cybersecurity insurance can help with the impact.
Corporate officers may be held liable
As the number of breaches continues to increase each year, discussions around holding corporate officers responsible for cybersecurity negligence have become a serious topic. Cybersecurity should be considered essential to your corporate strategy. It’s important to have everyone in your company involved, especially the leadership team.
Canadian Underwriter reports that executives and corporate boards can be named liable in the event of a breach if there was a proven failure to exercise due diligence and governance with cybersecurity policies and procedures. For example, if the IT team puts in a documented request to implement MFA (Multi-Factor Authentication) to protect the business because they know it offers 99.9% protection against identity-based attacks, and the leadership team denies the request, they may be held liable for not exercising proper care.
Oftentimes, cybersecurity insurance can assist with liability if negligence isn’t a factor.
Choose an independent broker and have them work with your MSP
Guidance from an MSP is an invaluable tool. Ensure you involve your MSP when choosing cybersecurity insurance. The best strategy is to use an independent insurance broker that can obtain quotes and policy details from numerous insurance companies. Coverage will vary between companies
Have the broker consult with your MSP to ensure that you get the coverage you need for your business. The right broker will meet both explicit and commercial needs and source a policy that aligns with your risk tolerance.
Insurance coverage is not a suitable alternative to implementing appropriate cybersecurity. You need both. The best way to implement modern cybersecurity best practices is to partner with a Managed Services Provider. If you’re looking for an MSP that puts security first, stays on top of industry trends, and has a proven track record of excellence, contact SIRKit. Their expert team would be happy to implement cybersecurity protection and source a valuable insurance partner.
If you’re looking for a partner for cybersecurity insurance, look no further than ARC Insurance. We have experience in handling and implementing cybersecurity policies for organizations of all sizes. We can help find the very best policy for your company's unique needs. Have questions or concerns? Contact our team today!
This article originally appeared on SIRKit.ca.