Cyber & Data insurance is a relatively new product in the UK, and it’s constantly changing. As insurers get more data on claims, how they occur, the cost, and which sectors are most affected, they review their cover, pricing and underwriting strategies.
Over the past year, claims have continued to rise in both volume and cost for insurers, and this is passed onto you, the insured. To stay profitable and able to write this business, insurers have to increase ratings, enabling them to offer a wide level of cover, and, crucially, to protect you should the worst happen.
But it isn’t just the price that you need to be wary of. Insurers are becoming more selective over what risks they insure, so it’s important that you take steps to make yourself an attractive risk for them. Just like protecting your house with a better alarm or locks, the same principle applies here.
We’ve put together five key tips that may help you secure cover. This isn’t an exhaustive list, and is aimed at those outside of higher-risk sectors such as regulated firms or charities.
When it comes to reducing risk, employees can be one of your biggest weaknesses. This is because of how simple it is to click a malicious link that can cause serious damage to your operations and reputation. Having a formalised plan in place to help your employees identify threats and spot spoof emails or phishing attempts is vital, especially as they become more sophisticated.
The National Cyber Security Centre offers free training that you can roll out to your team. More advanced training could involve simulated phishing attempts.
After a data breach, investigation costs or e-discovery make up a substantial amount of the claim. This sifts through the data you hold, finds out who should be notified and, importantly, looks at what sensitive and personally identifiable information you possess.
Having a clear view on what data you hold, the number of records, and the type of data won’t just give your business an understanding of the risk, but insurers too. With this clear concept, recognising when you no longer have a legitimate interest to hold this data can also help you comply with GDPR – and if there’s an investigation, it will help you stay on the right side of the ICO. Regularly purging the data you no longer require means that you only have the right amount of data necessary, and again can limit claim costs.
Given the increasing popularity of accessing systems remotely, a password is no longer a secure enough method to keep our information safe. Multi-factor authentication adds an extra layer of protection to the sign-in process, and should be enabled wherever possible, especially on emails. It’s a simple process, and for insurers, it’s a must!
You should have regular, and more importantly, tested backups available for all core business activities and data. In the event of an attack, such as ransomware, insurers will review your backups. If they work, it will increase the likelihood of you restarting your operations quicker, and with less disruption. Backups can be physical – in which case they should be kept off site – or cloud based, and must be tested regularly.
As with most risks to a business, you need a plan in place that’s tested at least annually to ensure you can get back up and running with limited disruption. A cyber response plan is no different. During an attack or data breach, you must have set processes that enable you to respond quickly. Being insured for the risk can form part of your plan, as an initial step will be to notify insurers and access the right experts through your policy.
In addition to the above, you should already have antivirus installed – and install updates as they become available – and avoid using unsupported software. Read more about a Cyber & Data claim here.
Speak to RiskBox
Do you want to take out Cyber & Data protection, or review your current policy, but would like more information about what this entails? Speak to one of our trusted professionals.
At RiskBox, our team of insurance specialists are here to help, and can work with you to decide what type of cover your business needs. Get in touch with us today by calling 0161 533 0411 or filling in our online contact form.
Agencies - September 25, 2023
Blog - September 11, 2023