Organizations that are seeking process efficiency and an edge on their competitors look toward technology to support their business plans. Often, new technology advancements will enhance an organization’s performance but unfortunately, the introduction of new software, systems and processes open them up to (unanticipated) cyber-related risk and exposures.
The Risk and Insurance Management Society (RIMS) released a study this month noting that 80% of the companies surveyed purchased a stand-alone cyber policy in 2016. A portion of those companies made the purchase due to contractual obligations, but it’s apparent that companies are beginning to see the criticality of the coverage.
With cyber risks stemming from such a wide variety of sources, cyber insurance is only one tool in the risk mitigation toolbox, but it is an extremely important one that might enable an organization to recover from what could otherwise be crippling expenses.
The following chart from the RIMS survey illustrates the cyber risks that are most relevant to the participating companies:
RIMS 2016 Cyber Survey
While companies spend on smartening their workforce to cyber risks, implementing laptop and mobile device encryption, and installing advanced monitoring tools, it’s often the cyber insurance policy that fortifies a company when those measures fail and a cyber event does occur. However, those other risk mitigation techniques should by no means be minimized or ignored.
Keep in mind that cyber insurance forms and language have not yet been standardized across the marketplace, so it is of the utmost importance that someone with expert knowledge of the coverage reviews the proposed language before it is purchased. Depending on your business, a well-crafted policy should include coverage for privacy events, network business interruption, cyber extortion, fines and penalties, breach notification expenses, credit monitoring services, data recovery and, of course, legal defense expenses … just to name a few.
The takeaway here should be twofold:
- Cyber insurance is a critical component of any cyber risk mitigation strategy. (If you don’t have a policy, what are you waiting for?)
AND,
- A company such as The ALS Group, with a deep knowledge and expertise in cyber risk management and insurance should work with you to carefully construct the coverage that is appropriate for your organization.
Click here to request more information about The ALS Group or on limiting your cyber risk exposure.
