NovaBACKUP Security Blog

What is Cyberinsurance?


Ransomware continues to make headlines. The progress of businesses, schools, and government agencies comes to a grinding halt for perhaps hours, often for days. This phenomenon, among other things, has brought a new popular term into the IT lexicon - Cyber insurance. What is it? Do you need it? What must you do when looking for a policy? Today we begin a new multi-part series on this compelling topic.
The result of a recent Spiceworks survey revealed that 38% of organizations across North America and Europe have a cyber insurance policy. Cyberinsurance is liability coverage that insures against damages you might incur from events like cybercrime, and data breaches where customer data is exposed. Imagine the costs associated with the loss of private customer information such as social security numbers, credit card numbers, and health records. Your recovery costs might include notifying customers as required by law, any resulting lawsuits, data recovery costs or even reimbursing the extortion costs of ransomware. With an ever-increasing number of businesses signing Cyber insurance policies, it’s wise to understand what is available and what to consider.

The realities of signing a Cyber insurance policy:

  1. Policies
    Every cyber insurance policy is different, and there is no standard nomenclature.
    This relatively new insurance offering is still evolving, and that means you will see a lot of variation from policy to policy. It is on you as a business owner and your customer’s technical advisor to get the details right. Policies should always be reviewed by a technology expert, either from within your company or with your security partner.

  2. Representatives
    While there are some expert consultants in the field, you may find that a vast majority of those selling Cyber insurance policies know very little about Information Technology. Bear in mind that these insurance agents are making tiny commissions on relatively small amounts. Likely, they are not even familiar with the finer details of the policy. Advanced preparation to understand your own needs and guide them toward a policy that best fits your organization will yield better results for your organization.

  3. Claims
    Let’s be honest, there’s no way to insure everything. Just because you have Cyber insurance doesn’t mean you will be able to cover regulatory fines and penalties coming from gross non-compliance with HIPAA. Or let’s say your customer ignores your repeated security warnings and suggestions, and then subsequently suffers a data breach. Making a successful claim in this scenario is a long shot. However, industry-wide we are not seeing much declination in cyber insurance claims 'yet' for businesses making their best security effort.  That could change, so preparation is key.

With these obstacles in your path, is Cyber insurance even worth the effort? Quite possibly it still is! So how can you prepare yourself to locate and enter into the best Cyber insurance policy? Read PART-2 in this blog series - Preparing to Sign a Cyberinsurance Policy.

NovaStor and NovaBACKUP have no affiliation with Cyber insurance companies, however, some popular choices include AIG (American Insurance Group), Travelers, AXA XL, Chubb Ltd., and Beazley.