Cyber insurance is a key component of an organization's cybersecurity and IT risk management strategy, according to the Federal Financial Institutions Examination Council (FFIEC). To determine the optimal cyber coverage, an organization must identify, measure, mitigate and monitor its potential cyber risk exposure and plan accordingly.
FFIEC recommended organizations analyze their existing cybersecurity and IT risk management programs before they purchase cyber insurance. Organizations also should consider the following factors relative to cyber insurance and its benefits:
- Involving multiple stakeholders in the decision-making process. Include appropriate departments across an organization such as legal, enterprise risk management, operational risk management, finance, information technology and information security management and stay in touch with these departments throughout the decision-making process.
- Performing due diligence. Review the scope of an existing or proposed cyber policy to identify coverage gaps and analyze all policy terms and conditions.
- Conducting an annual cyber coverage review. Examine the costs and benefits of cyber coverage annually to determine if sufficient coverage is in place to protect against rapidly evolving cyber threats.
Ultimately, an effective system of security controls remains the primary defense against cyber threats, FFIEC said in a prepared statement. If organizations maintain the proper level of cyber coverage, they can bolster their security controls and reduce the impact of costly, time-intensive breaches.
What Cyber Insurance Options Are Available?
There is no shortage of cyber insurance options available to organizations around the globe. Cyber coverage options include:
- Privilege Underwriters Reciprocal Exchange (PURE): Offers PURE Starling coverage for people who suffer financial losses resulting from fraud and cybercrime.
- At-Bay: Provides cyber risk insurance and protection and helps organizations and insurance brokers assess and manage cyber risk.
- Coalition: Offers cyber insurance products backed by commercial insurer Swiss Re Corporate Solutions and specialty insurance underwriter Argo Group.
Barbican Insurance Group, a London-based insurance underwriting and claims service, today introduced the Cyber "One-Step-Ahead" (OSA) product to help organizations address cyber risks. Cyber OSA combines software components, on- and off-site training and evaluation and recommendation reports to help organizations improve their cybersecurity measures.
In addition, CyberDot this week launched a cyber insurance and security platform for small businesses. The CyberDot platform enables small businesses to connect with a team of cyber insurance and security experts and find and purchase cyber insurance online, according to a prepared statement.