Cyber Security Checklist for 2022
Gallagher Healthcare :: Industry InsightsBy Gallagher Healthcare | 2/10/2022
2022 Cyber Insurance Coverage Checklist
All industries that rely on computers for information storage and internet connection are vulnerable to cyber-attacks. Whether your company is a small business or a large corporation, it's crucial to maintain cyber security.
Potential problems include sneaky malware, ransomware, phishing emails and even social engineering attacks. With the internet being necessary for carrying out work responsibilities, gettinga cyber insurance policy is one of the best ways to ensure a safety net if you ever experience a critical cyber incident.
What Does Cyber Insurance Cover?
Look for insurance that provides network security liability coverage. As more companies sign on for cyber insurance, it is predicted that this industry will grow around 25%each year until 2026.
Having an insurance policy helps your company avoid liability for any expenses of damages or claims made due to a possible error or action resulting in:
- Unauthorized access to your company's system:Improper access could result in data breaches, private information leaks or the destruction of your company's electronic data. Coverage protects you from data theft and losses or service denials from corrupted or unusable data.
- The inability to access your company's system: When a third party, for example, cannot gain access despite having prior authorization, this may result in the company having to contact IT services.
- Malicious code infections and transmission: If your system is infected, the company could transmit the issue to third-party CPUs, spreading the issue to personal computers or other company computers.
According to an annual FBI report, cyber attacks exceeded $4.1 billion in losses in 2020 alone. This prevalence is why your company needs to have a cyber insurance policy.
Arthur J. Gallagher & Co. has a comprehensive cyber insurance checklist for you to review on behalf of your company.
1. Determine Your System's Primary Vulnerabilities
All systems are exploitable but consider your specific needs when looking for a fitting cyber insurance policy. For example, ask yourself if you need cyber insurance because:
- Your company hosts a website that stores login information or other sensitive data, like users' credit card information. This stored data requires your company to be PCI-compliant.
- You use online applications or a website that provides them.
- Your employees use BYODs, which could become lost or stolen.
- You work with ePHI, PII or other sensitive data. Patient information stored in medical offices is protected by HIPPA, for example.
- A third-party vendor provides a service related to online data collection or management. If the security of the third-party provider becomes compromised, your insurance protection will help with liability issues.
- You lack a nest egg in case of a cyber attack. Without insurance coverage or emergency funding, you are vulnerable to the financial tolls of a cyber attack.
- Confidentiality is vital to your business's standards. The privacy of clients is important in many industries.
2. Ask Yourself What Coverage Options You Will Need
Once you know why you need cyber insurance coverage for your company, start comparing policies to find a good fit. You might decide on the best policy based on these factors:
- The most likely scenarios for an attack: Apply what you learned from considering your company's vulnerabilities.
- The extent of coverage recommended: The best way to determine this is to estimate how much a security breach would cost.
- Your company's budget: The best possible plan offers acceptable coverage standards while being affordable.
- Policy triggers:Some policies may only cover a cyber-attack instead of an error made by your employees.
- Data coverage: Your policy terms could depend on how you collect and store data and the sensitivity of the information. In most cases, privacy is either preferable or vital for company data.
- Financial support: A policy might cover the legal costs associated with a security breach or support during shutdowns.
3. Customize Your Cyber Insurance Policy
After examining your risk level and comparing types of coverage, it's time to select the option with the most benefits. There are a few different factors to consider when selecting the ultimate insurance policy.
The three most common types of coverage are:
- Network security coverage: This includes the cost of damages caused by ransomware, network failures, data breaches and data theft.
- Privacy liability coverage: This includes the cost of damages from human error and the theft or loss of company devices. It might also cover costs related to contacting affected parties, issuing regulatory fines, crisis management and investigation.
- Media liability coverage: This includes the cost of certain legal actions, such as those against copyright infringements and libel. It would also cover damages to company media like the defacement of the website.
The two types of policies are:
- Package policy: This is a general liability policy that you can choose based on your company's requirements. This type of policy is usually better for a company with minimal risks.
- Standalone policy: The insurance company works with you to set the terms for yourcoverage when you get this kind of liability policy. A standalone policy is more expensive but ideal for companies that want a higher degree of customization.
Most policies offer coverage for either of two categories:
- First-party coverage:In this case, the insurance only covers the policyholder.
- Third-party coverage: The insurance covers all affected parties. This coverage could include third-party service providers your business works with, your customers and unrelated systems.
4. Talk to Your Insurance Provider About Their Cyber Insurance Policies
Your potential provider can help you address any questions you have about getting a policy that would benefit your company's cyber security. Keep the following in mind when discussing a new policy:
- Does the provider only cover malicious attacks, or will they also cover accidents or indirect attacks that result in data loss or damages?
- Does the policy come with a deductible, and how much is it? Will making an insurance claim cause your payments to increase?
- What is the coverage for third parties, and are there any limits?
- How many years does the policy last, and when does your coverage begin?
- What scenarios would be excluded in the insurance policy, and do you need to take precautions for those potential damages?
- What is the provider's typical response time in an emergency?
Request a Quote With Gallagher Healthcare
Are you interested in getting reliablecyber liability coveragealong with medical malpractice coverage for your company? Gallagher Healthcare focuses on providing coverage in the medical malpractice field, where cyber liabilities are a common concern. Our brokers can help you compare insurance solutions with major A-rated carriers, helping you find the best match. Call us at 1 (800) 634-9513 or contact us online to learn more.