All Cyber Policies are Not Created Equal

All Cyber Policies are Not Created Equal

Property Casualty 360, insurance industry news magazine, recently posted an article talking about appropriately assessing cyber security risks. The article made several good points to consider:

All cyber policies are not created equal – so, buyers need to be very clear about their own particular exposures and what coverages they need and want so as to shop and buy most efficiently and effectively.

Doing so means looking at your company the same way that an insurance underwriter would. The underwriting process for cyber liability focuses on several primary factors:What are the main exposures present with regards to privacy and network security? – this requires a thorough analysis of operations

What is the size of the risk? – this relates to not only the size of the company in revenue and personnel but also the number of records that a company has liability for keeping safe. (uniquely identifiable records, often referred to as Personally Identifiable Information, PII)

What type of information is being held? – and the value of that information.These factors give rise to the question of controls that are in place and the quality of those controls.

The size and sophistication level of a risk also lends itself well in determining features of a cyber policy that will provide the most value to an insured.

Smaller companies might want policies that offer more incident response services and support.

Larger organizations might already have relationships with vendors and resources that they want to use – so larger limits that provide coverage across a wide variety of coverage areas may be more appropriate.

This information pairs well with other posts on Cyber Liability that you will find on this site.

Feel free to call with any questions that may arise. 858.202.6187

The article was accessed on 2/26/2019