As cyber attacks and data breaches are surfacing on a daily basis, businesses across New Zealand, and indeed the world, are looking for ways to mitigate the risk associated with these events.
One of the most popular methods being explored is the use of cyber insurance. But, just what is cyber insurance?
“Gartner defines cyber insurance as protection against losses related to cyber-risks, such as data theft/loss, business interruption caused by a computer malfunction or virus, and fines or lost income because of system downtime, network intrusion and/or information security breaches,” explains John A. Wheeler, analyst, Gartner.
As a result, Wheeler says of many recent highly publicised losses related to cyber security risks, interest in cyber insurance continues to grow.
“In fact, our recent 2014 Global Risk Management Survey showed that half of the companies surveyed are currently exploring some form of cyber insurance,” he adds.
For those companies who are currently considering the use of cyber insurance, Wheeler offers the following five tips to find the right policy and to maximise the value of the coverage obtained.
1) Don’t look to cyber insurance as a panacea for a weak IT risk and security program. To qualify and to obtain reasonable premiums, companies must have a strong security posture.
2) To determine the true value of the policy, look beyond the quote to examine the policy language.
3) Ask the broker/carrier about their history of paying claims and to provide specific examples.
4) Complete the policy application thoroughly and truthfully – any inaccuracies may render claims invalid or provide an opportunity for the insurer to void the policy altogether.
5) Reevaluate IT risk and security program as well as any policy changes on an annual basis to ensure adequate coverage.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.