Cyber Insurance:10 Considerations When Preparing for a Policy

Cyber insurance is a crucial safety net in today’s digital landscape, but choosing the right policy can be complex. Here are ten considerations to guide your decision and preparation:

Understand Your Risk Profile

Begin by assessing your company’s unique cyber risk profile. (You could start HERE.)This includes considering your company size, the types of sensitive data you handle, your industry’s specific threats, and the technologies you use. Understanding your risk profile will help you identify the coverage you need.

Coverage Scope

Ensure the policy covers the range of issues you might face. This could include data breaches, network damage, business interruption, ransomware attacks, and even physical damage resulting from cyber incidents.

Exclusions

Be aware of what’s not covered. Some policies might exclude certain types of attacks or incidents, such as those caused by unpatched software.

Claim Guidelines

Understand the insurer’s claim process. How quickly do they respond? What support do they provide during a crisis? Quick response time can be critical during a cyber incident.

Policy Limits and Sub-Limits

Examine the policy’s financial limits. Make sure that these limits align with your potential risk exposure. Also, look for sub-limits that might cap the payout for specific types of claims.

Retroactive Dates

Check if the policy includes a retroactive date. If an unknown breach occurred before this date, it may not be covered.

Cybersecurity Requirements

Insurers often require certain cybersecurity measures to be in place. Make sure you meet these requirements to avoid issues when filing a claim. For example, based on a recent risk assessment that an insurance company sent to one of our clients, the following items are required for full coverage. (And as a note…small business must be careful to maintain the standards, which are easily missed for example when a new hire is brought on board. If any lapses occur, it is expected that you would contact your IT support to update the information accordingly to avoid being “dinged” on your insurance coverage.) We often recommend Microsoft 365 Business Premium licensing for our customers, which offers a range of advantages and considerations as it applies to cyber insurance. 

Enhanced Security: Business Premium provides advanced security features such as Microsoft Defender for Office 365, which offers protection against sophisticated threats, including phishing and malware attacks.

Advanced Threat Protection: Business Premium includes Microsoft Defender for Endpoint and Defender for 365, which provides endpoint protection, threat detection, and response capabilities to safeguard your devices and data. We feed this data to our SOCLogix Partner through our SIEM (Security information and event management) and EDR (Endpoint Detection and Response) tools. 
Data Loss Prevention (DLP): With Business Premium, you can implement DLP policies to prevent the accidental or intentional sharing of sensitive information. This helps protect your business from data breaches and ensures compliance with data protection regulations. 
Information Rights Management (IRM): IRM allows you to apply restrictions to files and emails, controlling who can access, forward, or modify them. This helps you maintain control over your sensitive data, even when it’s shared externally. 
Device Management: Business Premium includes Microsoft Intune, a powerful device management solution. It enables you to remotely manage and secure devices, enforce security policies, and protect company data on both company-owned and employee-owned devices. 
Azure Active Directory (AAD): Business Premium includes Azure Active Directory Premium P1, which provides advanced identity and access management capabilities. This includes features like multi-factor authentication, conditional access policies, and self-service password reset to enhance security and streamline user access. This is required for , one of the multi-factor authentication methods we widely use. 
eDiscovery: Business Premium includes a feature that enables organizations to identify, preserve, and collect electronically stored information (ESI) for legal or compliance purposes. It provides tools and capabilities to search, analyze, and export data from various sources within Office 365, such as emails, documents, SharePoint sites, and Teams chats. eDiscovery in Office 365 streamlines the process of locating relevant information, ensuring legal hold compliance, and facilitating the production of evidence during legal proceedings or investigations. 
Exchange Online Archiving: 50GB (Basic) to 1.5TB (Premium) per user

These advantages provide enhanced security, device management capabilities, advanced productivity tools, and collaboration features, making Microsoft 365 Business Premium a comprehensive solution for businesses seeking robust cloud-based productivity and security offerings.

Third-Party Coverage

If a breach impacts your customers or other third parties, you could face legal action. Ensure your policy covers third-party claims.

Breach Support Services

Some insurers offer additional services like PR assistance, legal support, and forensic investigation following a breach. These can be invaluable in managing a cyber incident.

Policy Terms and Conditions

Finally, carefully review all terms and conditions. If there’s anything you don’t understand, ask for clarification.

Choosing the right cyber insurance policy involves understanding your risks, knowing what to look for in a policy, and seeking expert advice if needed. With due diligence, you can find a policy that provides the protection your business needs. Need help getting moving in the right direction? Our TEAM OF EXPERTS can help guide you through the cybersecurity portions or recommend a reputable cyber insurance agency. CONTACT US HERE to ask any questions!

Tabbie Coulter

great professional service and very timely!! would highly recommend for your IT needs.

Jessie Palma

I love this company. They have soo much talent there and they always fix it so quickly! They are very professional and courteous! I've gotten to know some of them because we treat each other like human beings :) It's like having an extended family.

Fernando Perez

Awesome management! Great company.

Joseph Silbaugh

I needed to add an older laptop to the business account for my use on the road. CIO did everything remotely for me. It made the task so easy. They updated everything, added my office 365, my 3 emails and checked everything. Great job, quick and efficiently no stress. I recommend them highly

Kay Westerhold

Always a quick response. Issue solved and can continue on with the task every time. Great job CCIO!!

Bill Fissell

The service was prompt, friendly and knowledgeable. Could not ask for more than that.

Kevin Slack

Upgraded our router with Comcast. It did not go smoothly until Steve Plumlee got involved and got everything working well. When Steve is working on our IT issues, they get resolved. Amen.

Hickory Falls Family Entertainment Center

Thanks for going more in-depth with your engineers and investigating solutions and resolving some of our email challenges.

Bill Moorman

Certified CIO is a smart, professional and friendly team of engineers to work with. I am a bright person but computers can make me feel incompetent. The team at Certified CIO never allows you to feel awkward even asking the most basic questions. You have been a lifeline many times. Thanks for your support.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Better IT for Business. Call Today! (717) 340-6000 (443) 283-0666