Cyber Insurance: The Opportunity and Pitfalls

Corporate SecurityInformation Security

Become a Media Sonar Insider

As the number and severity of cyberattacks continue to increase, organizations are turning to cyber insurance as a way to protect against catastrophic losses associated with a security breach.

But simply buying cyber insurance should not create a false sense of security. Organizations need to be constantly assessing risk, identifying vulnerabilities, and bolstering their security posture so they don’t get breached in the first place.

There’s a direct financial correlation as well. Just as someone who is young and healthy can get life insurance at a better rate than someone with serious health issues, cyber insurers will examine an organization’s security policies and procedures prior to setting rates.

Getting a lower rate based on having sound security measures in place is important. According to Marsh, a global insurance broker and risk advisor, cyber insurance pricing in the U.S. increased an average of 96% year-over-year in the third quarter of 2021. That was a 40% percent rise over the prior quarter and the largest since 2015.

Cyber insurance pricing in the U.S. increased an average of 96% year-over-year in the third quarter of 2021

Types of cyber insurance policies

Cyber insurance policies include different types of coverages that span first-party loss, first-party expenses, and third-party liability. 

  • First-party loss: Just as it sounds, first-party loss applies to the organization that takes out the policy. A first-party loss would typically include loss of revenue due to business interruption.
  • First-party expenses: This would include services and resources needed to recover from an attack, such as incident response and remediation.
  • Third-party liability: This covers expenses and legal fees related to damage to third parties, such as partners, customers, or even employees whose sensitive information has been compromised.

In this digital risk assessment report, learn how to avoid costly damages that come from a tarnished brand by evaluating your security posture holistically

What do cyber insurance policies cover?

Cyber insurance policies cover specific scenarios that might or might not be relevant to your business.

  1. Privacy Liability: This covers companies from liabilities associated with violations of contractual obligations to protect employee and customer data, as well as violations of privacy laws, such as GDPR. It can protect against unfortunate events that arise out of a breach, such as a class action suit filed by customers.
  2. Network Security Coverage: This covers against network security failures, including business email compromises, ransomware, malware infections, and data breaches. First-party costs covered in this scenario could include breach notifications to customers, data restoration, legal expenses, credit monitoring, public relations, IT forensics, payment of a ransom.
  3. Errors and omissions: Sometimes an interruption of service can be caused by a misconfiguration, a botched software update, or some other internal mistake. This coverage protects against claims related to failures to fulfill contractual obligations due to errors and omissions.
  4. Network Business Interruption Coverage: This covers the organization for the cost of lost business in the event that an attack brings down your network, or brings down the network of a cloud service provider who might be hosting your Web site, or other mission-critical parts of your business.

How Media Sonar can help

To continue with the life insurance analogy, insurers might require that you get a physical with the insurance company’s doctor prior to determining whether to even offer you a policy. 

Similarly, cyber insurers are tightening underwriting requirements and making sure that organizations have the proper security and risk management controls in place.

Cyber insurers are tightening underwriting requirements and making sure that organizations have the proper security and risk management controls in place

Insurers are looking for companies that have automated tools to provide brand protection, information protection, executive protection, as well as third-party intelligence.

Media Sonar’s platform can not only help organizations avoid data breaches, but it can also help companies validate their security controls so they can obtain cyber insurance at a reasonable cost. 

Leverage Our Expertise

Media Sonar Digital Risk Assessments provide organizations with an analyst-generated report that identifies and summarizes digital risks and exposed online information, scores risk, and provides remediation recommendations.

Leverage Our Expertise

Digital Risk Assessments for Executives, Brands & Supply Chains

More Content