The advancement of the Iot, cyber risks grow, for this reason all electronic security companies, including integrators, should think about acquiring policies that protect them from these threats. These are some important criteria for your choice.
Cyber threats are becoming the number one business risk for organizations of all sizes, from system hacks and DdoS attacks to ransomware, the news about cyber attacks is constant.
While it is true that there are fewer reports of attacks like the one suffered by Yahoo! In 2017, when the personal information of three billion users was exposed, this is not a reason to lower our guard.
According to McAfee, a firm specialized in computer security, the economic impact of this illegal activity in countries like Mexico is three billion dollars a year.
For this reason, it is necessary to be very clear about what is being talked about when cyber risks are mentioned.
According to the Deloitte consultancy, these are those crimes that involve fraud, the theft of information and money through digital access.
In most cases its consequences are:
- Service interruption
- Corruption or destruction of data
- Extortion activities in which they request money, access or corporate secrets from the victims
- Damage to the company’s reputation
- Privacy Risks for Company Customers and Employees
It is for this reason that governments are working on updating policies and standards that establish responsibilities for many more organizations.
For example, the General Data Protection Regulation (GDPR) of the European Union (EU), which came into effect in 2018, requires companies to adhere to specific standards of governance and accountability in the processing and protection of data related to EU citizens.
This new legislation also stipulates that in the event of non-compliance, companies must report to the supervisory authority within 72 hours. Failure to comply with these regulations could result in high fines or 4% of the company’s global annual turnover.
While organizations have been busy trying to understand the impact of these new requirements and putting in place the necessary steps to meet them, few have the certainty that they are protected against loss in the event of an attack, data breach, or unintentional breach.
What is cyber risk insurance
Insurance policies are nothing new to most organizations. However, as risks evolve into cyberspace, so do policies.
Today, there are more than 100 insurance companies around the world that offer cyber risk insurance that helps absorb customer risk when an attack occurs.
Hart Brown, a cyber security expert at Firestorm Solutions, a risk and crisis management firm, estimates the global market value of written cyber risk policies to be around $ 2.5 billion. Insurance providers like Allianz predict that this figure could reach $ 20 billion by 2025.
“Cyber risk or cyber liability insurance helps mitigate risk and uncertainty. In the event of a cyber attack, the insurance will give companies peace of mind and ensure that they can access funds to manage a response and keep the business running, ”says Philippe Verrier, cyber security expert at Genetec, a Canadian company specializing in security solutions. unified.
For security system integrators, there is also an opportunity to improve cyber security by displaying this insurance as proof so that their customers know that they follow strict cyber security protocols.
Take responsibility for Cyber risk beyond insurance
Since cyber risk insurance is a new product, there are still many unknowns for insurers on how to properly assess and calculate risks.
Typically, the cost of coverage involves completing a standard questionnaire about IT policies, the hierarchy of the organization, the size of the IT infrastructure, and the nature of the business.
In many cases, insurance providers tend to overestimate consequences and liabilities, keeping premiums high.
Still, businesses cannot rely on this insurance to save themselves from unexpected cyber threats, as the insurance only helps absorb costs in the event of an attack.
Thus, it is necessary for companies to maintain the highest cyber security standards, which include the implementation of various levels of defense, such as encryption, authentication and authorization.
It is also suggested to include the use of various tools to better protect data privacy and the proper installation of devices with strong passwords.
“Organizations should take the time to properly vet their vendors. Select partners who prioritize cyber security in their product development,” said Philippe Verrier. Who is also a Business Development Manager at Genetec.
He also commented: “They need to be aware of updates and patches to their systems. To make sure they are working with versions that have fixed known vulnerabilities. It is also important that they take a more active role in training their employees. Demonstrating general guidelines that can help them avoid unnecessary risks ”.
3 Key Considerations When Buying Cyber Liability Insurance
1. Identify the risks
Since cyber security can encompass many facets, so can liability insurance. Experts comment that there are up to 12 different types of coverage available.
Therefore, it is essential to clearly understand the cyber risks for which the organization needs protection. These can include a variety of computer and physical risks, ranging from data breaches to theft of corporate assets.
When a company is specific about the potential vulnerabilities it needs to cover. It is in a better position to find the insurance that meets the needs of its organization.
2. Know what the policy covers
Cyber risk insurance does not need to be separate. Existing insurance policies could be complementary to these new cyber-policies.
Some companies may order a combination of these products to obtain adequate coverage.
It is important to understand how each product could help you if you are responsible for a data breach.
Damages, the result of cyber liability, can be difficult to quantify and understand.
“Translating cyber risks into a financial model is a key step in ensuring adequate coverage,” says Verrier. “It is advisable to seek guidance from a professional broker or expert in the field. Who understands both the business world and that of cyber security risks.”
In Mexico there are insurance companies that have policies that cover defense. Compensation expenses, which cover costs related to regulatory procedures. The notification to clients or users of the responsibility generated by the handling. Custody of personal, corporate and confidential information. As well as for the breach of privacy regulations or security failures in the network.
3. Know the claims process
As well as coverage, the claims process is one aspect to consider when purchasing cyber liability insurance. In general, companies can expect to receive monetary compensation, which is helpful.
However, each insurance provider has a process to verify the authenticity of the claim. A response time to pay the funds.
If a data breach occurs, organizations need to know how quickly the fund will be available. Additionally, some insurance companies also offer access to services such as cyber investigators or public relations.
While a business may be busy managing the response to a breach or attack. Additional assistance during this process is an invaluable benefit.
How do you know if you need cyber risk insurance?
“The presence of cyber security threats will increase as the Internet of Things (IoT) grows. That is why all organizations, including security systems integrators, should seek cyber liability insurance, since the greatest benefit is peace of mind, in the event of a breach or attack ”, assures Philippe.
It is the sole responsibility of each organization or company to ensure. That the best cyber security practices are implemented in every project, from installation to maintenance.
They must remain vigilant and have vendors who provide tools and assistance to quickly identify and mitigate risks. Keep security systems free of potential vulnerabilities.
To craft a successful cyber security strategy, it is important to understand what you need to protect against. “In physical security systems in IP networks, Genetec solutions are designed with several layers of security and employ advanced authentication and encryption technologies, this helps companies understand the threat actors and evaluate possible security risks. , while allowing mitigating risks and developing a defense strategy to achieve greater cyber resilience ”, concluded the expert.
Read also: Business A Starting Before Things To Do