If you’re new to cyber insurance, it is first necessary to examine potential risks faced by your business and identify ways of lowering them before you decide to buy any cyber insurance.
· Staff awareness training – Since hackers develop new techniques all the time, companies must keep their staff updated about that the latest cyber security threats and best practice of computer usage.
· Data encryption – Importantly – this is not the same as changing a password: data encryption basically places data on a format that can only be availed using a decryption key, which makes it much more useful than password protection.
· Storage of portable devices – Reducing the instances of leaving phones, laptops or other hand-held devices in public places or other vulnerable areas can lower the risk of malicious attacks/hacking.
· Cyber risk assessment – Regular, automated and risk-based security assessment is an essential tool to understand cyber security posture. You need to understand your risks before understanding where your risks lie and what your insurance policy will require. A thorough security risk assessment will help you understand what kind of coverage you will need from your insurance provider.
· Deductibles – Make sure to closely compare deductibles, like you normally do for life, vehicle and household policies. The insurer might tell you how much they will charge you based on how much of the risk you're willing to cover yourself. The part of the risk you are covering is the deductible.
· Selection of cyber insurance provider – This is the most important step. Whether you’re choosing a cyber-insurance service provider, handling important claims, or just updating your policy, your broker/service provider will be your source of help.
· Number of policies – Find out how many types of policies that are offered by an insurance company. Is their coverage only an extension of something they already offer? You may want to remember that it is best to opt for a stand-alone policy because it saves you from a number of risks.
Cyber insurance is no silver bullet. It would not free you from all cyber attack. However, it would be the first line of defence against the ever changing cyber threat landscape.