Cyber insurance is still relatively new. Businesses are looking at what cyber insurance, a Disaster Recovery Plan, and a Business Continuity Plan can offer. We live in a time when remote working is a reality. There are a lot of what-ifs when a business sets out to protect their data to ensure they will have access to the information they will need to continue serving their customers should something happen.
Planning for those what-ifs has kept more than a few businesses from attempting to come up with a Disaster Recovery Plan. We do business where breaches, disasters, downtime, and cybercrime is inevitable and you should be prepared for just about anything. There are some that will tell you it is a waste to invest in the time and effort needed to create a plan because all these potential disasters are built it on assumptions.
Small and midsized businesses still believe that hackers are not out for their small entities. They believe that data breaches and cybercrime only happen to the big guys. The fact of the matter is, cybercriminals don’t care about the size of your business. The data you have about your customers and suppliers is what they are after. There are very few organizations that do not have an online presence or use e-commerce. Many of the employees in companies carry around this data in the laptops or phones they use on a daily basis. Understanding the risks associated with cyberattacks is smart business practice.
What about Cyber Insurance?
You’ve done the homework and created a Business Continuity Plan and all your recovery efforts are written up and on standby, in the event, something should happen. You have insurance on the physical assets of your business such as servers, laptops, printers, etc and are wondering if the data you require to remain in business is a tangible enough asset to insure.
The Insurance Bureau of Canada believes that it is. Nowadays, almost all businesses maintain some or all of their valuable business information on a computer or network. In order to remain a viable business, you need access to those records. According to Inc. magazine, here are six questions you should consider when buying cyber insurance:
- How many records containing personal information does your organization retain or have access to?
- How many records containing sensitive commercial information does your organization retain or have access to?
- What security controls can you put in place to reduce the risk of having your system compromised?
- Are any and all portable media and computing devices encrypted?
- Do you know if there are unencrypted media in the care, custody or control of your third-party service providers?
- Could you make a claim if you were unable to detect an intrusion until several months or years had passed?
Most small businesses do not have the resources to hire full-time staff to analyze the risks and create a plan. The good news is you don’t have to. You can partner with a Managed Service Provider to assist in answering these questions and delve deeper into Disaster Recovery & Business Continuity Plans as well as asking about Cyber Insurance.
Join us on April 8th for a free webinar to address cyber insurance questions you may have or contact us for a one-on-one discussion.