The market for cyber insurance is yet to figure out what it is actually delivering. It used to be a straightforward product, offered at a fair price under straightforward, understandable terms. The market has now become more resistant as a result of growing ransomware attacks and exorbitantly expensive collateral damage.
Denials frequently occur. There is a rise in litigation. Additionally, customers are gazing mischievously at their finances. Is purchasing cyber insurance even worthwhile?
It's a good idea to look at what your insurer is actually providing to determine that, aside from the restricted coverage in the event of an assault. Do they offer professional counsel? Testing for penetration? Tabletop workouts that make your weaknesses obvious? And what ought you do if they aren't?
Experts offer advice on how to use the market and address its weaknesses.
Partnerships for Cyber Insurance
There is a delicate line between being attentive and being possessive in interpersonal relationships. The connection between the insurer and the insured is the same. That bargaining position still exists in the cyber insurance industry. When a crisis occurs, some insurers remain distant and only take the bare minimal action. Others are more strict and demand thorough audits before granting coverage.
Which would you prefer—the jealous boyfriend or the cold-blooded friend with benefits? Neither, most likely. While you want your calls returned, you also don't want your phone to be constantly ringing. The latter is more in vogue, therefore the question is now how clingy you want your partner to be.
According to Kevin Novak, managing director of cybersecurity at risk management company Breakwater Solutions, "Carriers have become a little savvier when it comes to cyber risk and loss management, fueled by an almost seemingly endless portfolio of claims underwritten over the last few years — many of which have involved significant dollar payouts." "As a result, you can expect carriers to demand significantly more information about your company's cyber programmes, especially in areas that have proven to contribute most significantly to recent large-scale breach events, such as multi-factor The paper mentions authentication, end-point security, and privileged access management.
According to Isabel Dumont, senior vice president of marketing and technology at insurer Cowbell Cyber, "Policyholders should make use of all resources their cyber insurance provider offers, from cyber training to tools, services, and relationships with cybersecurity suppliers." The risk engineering team at Cowbell, for instance, works directly with policyholders to advise them on how to establish security best practices and an incident response strategy.
Companies and their respective CISOs should benefit from these evaluations of their security programmes, Novak continues, even though they may appear a little intrusive. Even if they won't completely replace the requirement for security teams to do their own programme reviews, an additional set of eyes is always beneficial. Additionally, these evaluations frequently offer more assistance when it comes time to ask for funding to address vulnerability concerns.
Break glass if there is a fire.
"Many organisations respect the incident response panel of vendors' 'in case of fire, shatter glass' strategy.". According to Anthony Dagostino, CEO of cyber insurance provider Converge, organisations that lack the human capital or financial resources to develop the comprehensive response capabilities needed after an incident can rely on their insurance company's product to "outsource" this. Law firms (sometimes known as breach coaches), forensics companies, notification and credit monitoring businesses, and PR agencies are among the services frequently offered. To maintain familiarity and comfort, businesses must understand how their insurance coverage functions during an incident and who those providers are.
"The insurer should have a specialised team of cyber security experts that can provide guidance and support in the event of an attack. Customers may make sure they are as ready as possible for a cyber-attack by working with their insurer, advises Oberon Copeland, owner and CEO of Veryinformed.com.
According to Novak of Breakwater Solutions, carriers frequently offer knowledgeable support to clients who experience a cyber event, even though it isn't necessarily expressly required by a cyber policy. Therefore, even though it is always advised that a company incorporate their insurance company's involvement into their cyber incident response plans, carriers have a vested interest in ensuring that a client manages cyber events quickly and comprehensively because doing otherwise could result in higher payouts. To assist businesses in responding to cyber events, carriers frequently have specialised cyber response teams or have screened and partnered with cyber consulting firms.
According to Jennifer Mulvihill, business development head of cyber insurance and law at cyber protection company BlueVoyant, knowing when and how to use these resources can be pretty important. "Notification and reporting of a claim, as well as how and when to contact partners to aid in an investigation — such as a forensic firm or breach coach," she writes, "may have a favourable or negative impact on coverage determinations."
Your Duty as an Insurance Holder
Many insurers anticipate their customers to create their own alliances. Even if that isn't the case, it's still a good idea to start building partnerships with security and incident response companies and create a strong perimeter immediately. This is especially true for smaller businesses that lack the funding to sustain internal workers that are dedicated to their work. In fact, doing so might lower insurance rates.
Pankaj Goyal, senior vice president of data science and cyber insurance for cyber security business Safe Security, advises that it should begin at the corporate level. How do you see the cyber risk? Which gaps are there? How much money is at risk? How much risk can you reduce by purchasing cybersecurity tools or budgets? How much risk do you need to transfer after that?
"It is the client's responsibility to ensure that they hire the appropriate skills. This knowledge might be in the areas of risk assessment, gap analysis, risk comprehension, and identifying areas for improvement, according to Goyal.
He continues, "Managed security service providers (MSSPs) may be very, very good advising and technical partners for the customer — they can create a longer-term cyber risk management plan." A business continuity strategy can be created and developed with the aid of incident response firms. These are crucial drivers that help a business respond and recover from cyberattacks swiftly and with the least amount of financial loss.
In the end, a positive relationship between the insurer and the insured depends on open communication. According to John Eckenrode, the director of cybersecurity solutions for consulting company Guidehouse, "there should be a very active and open channel of communication between the company and the insured." Every year, the situation should be reviewed rather than just stating that costs for cybersecurity have increased by 10%. Has your income changed during the last 12 months? Have you launched any new business ventures? Do you currently invest in cybersecurity? Have you ever been attacked? A positive relationship between the insured and the insurer depends on all of those factors.
The services you can expect and the costs you can anticipate can both be significantly impacted by these interactions.
