IT Support Indianapolis 317-497-5500
IT Support Raleigh 919-890-8088
IT Support Atlanta 678-263-4770
IT Support Fairfax 703-344-7760
Request a Quote
OCT 25
Avoid Getting Your Cyber Insurance Payout Declined

Avoid Getting Your Cyber Insurance Payout Declined

October 25, 2022
Cyber insurance policies have existed since the early 2000s. Businesses going online wanted safeguards against risks associated with evolving cybersecurity threats. Having a cyber insurance policy is just a starting point, though, and your business also needs to understand the insurer’s expectations of you. Otherwise, you might find your claim gets denied.rnrnAs with most professional liability policies, your cyber insurance may have exclusions, including:rn
    rn
  • rogue employees;
    • rn
  • wild viruses;
    • rn
  • regulatory claims;
    • rn
  • fines and penalties;
    • rn
  • property damage.
    • rn
rnCyber insurers also may not pay out if they find “a failure to maintain.” This might also be “failure to follow” certain standards of care. It’s the online version of negligence. But what does it really mean?rn

Standard of care expectations

rnInsurance companies want proof that your business takes proper precautions to prevent cyberattacks. If you can’t show you’ve implemented strong security measures, you run the risk of a denied claim.rnrnYour insurance doesn’t want to pay out. So, they’re going to require you to put protection in place. This can be internal or via a third-service provider (such as a managed service provider (MSP)).rnrnYour security approach must be comprehensive. It’s best to map out all your technology so that you can identify every endpoint that needs protection. Relying on antivirus software, for instance, is unlikely to satisfy your insurance provider. Add active threat detection and response tools to your arsenal, too.rnrnYou’ll also need to show that you’re securing your supply chain. A breach exposing 40 million debit and credit cards started at a retailer's HVAC vendor. Target estimated the breach cost $202 million. This was in 2013, but attack type remains a real threat due to digital interconnectedness.rnrnInsurers also want to see evidence of effective training for your employees, because humans are the weak link. Your staff may not mean to do wrong, but they are the ones with weak passwords, or misplaced devices, and who may be downloading malware.rnrnExpect insurers to also want you to have:rn
    rn
  • encryption to secure data;
    • rn
  • multi-factor authentication to make unauthorized access more difficult;
    • rn
  • virtual private networks (VPNs) to secure connections between computers and the internet;
    • rn
  • regular data backup;
    • rn
  • company policies and processes to respond to cybersecurity incidents.
    • rn
  • Cyber insurance evolves, too
    • rn
rnAs the cyber environment is always evolving, insurers are regularly adapting. They may have quoted coverage for a particular risk but then changed their policies to decline that risk a year later. It’s one more thing to keep abreast of while also working to secure systems against cybercrime.rnrnHave questions about your cyber insurance policy? An MSP can review your security policy and ensure you’re doing everything to maintain coverage. Our experts can also run regular audits and provide proof of your efforts. Contact us today at 317-497-5500.