By Erin Ayers on April 24, 2015 on cyberrisknetwork.com.
As more organizations realize they need to improve their cybersecurity posture, insurers have begun to offer more than a simple risk transfer, adding pre-breach services, risk assessments, and expert resources to help clients prepare for what some consider “inevitable” breach events.
These value-added services come part and parcel with cyber insurance policies, but insureds don’t always avail themselves of the opportunities to examine their IT security and plan out a breach response. Taking these steps before a cyber incident can make significant differences in the outcome, from the financial, reputational, and regulatory perspectives, according to industry experts.
“When you think about what else cyber insurance can do for you, the operational side is just as important as the financial side,” said Bo Holland, CEO of AllClear ID. He cited the response of Target to its 2013 data breach – the retailer had the financial ability to respond, but it didn’t have a plan in place, leading to loss of customer confidence, lawsuits, and brand damage. Organizations need “defined, understood, and practiced” response plans, he told Advisen. Insurers can facilitate those relationships with vendors, but it’s up to individual businesses to engage with them, Holland added.
Read more about it.