Blog
Cyber Insurance Requirements are Forcing IT Changes
In a world where there are increasing numbers of regulators driving compliance, we should not forget the influential role of insurance as a force of change. This is especially true in IT due to a new high-risk environment facing many of our clients in all sectors.
CYBER INSURANCE COSTS ARE RISING
While some businesses today are focused on various security practices and standards, many are still not acting or are in the process of adding solutions and standards to mitigate risk. Meanwhile, insurance companies, particularly those involved in cyber liability insurance, are undergoing a significant re-evaluation of how they approach, assess risk, and underwrite business coverages.
Insurance companies have realized that a better system is needed for underwriting cyber liability insurance products. Cyber policies are issued to their customers, but the cybersecurity defenses in place for the business are an important element in eligibility and accurately scoping and pricing coverage.
What makes their job difficult is that insurance carriers have difficulty determining who is well-protected and who isn’t. More specifically, when an applicant wants cyber insurance, the insurance company needs to determine whether the applicant follows best practices designed to lower their overall risk profile.
INSURANCE IS FORCING COMPLIANCE
It has been challenging to drive security (and other) best practices across some of the less mature sectors of industry. A common theme amongst less mature clients is offering compelling IT services to those customers but frequently seeing them falling short on their internal IT security practices. This is changing but is taking time.
The insurance sector has a unique ability to force and accelerate a positive change in business. As cyber insurance policies are being sought after and renewed at increasing rates, the insurance providers, in their search to discover a true risk profile, are driving change in the business. To be sure, they are also driving a change in their pricing. This also must surely make business leaders take notice and act.
Questions such as do you use multi-factor authentication, are you actively threat hunting in the network, do you filter content and internet traffic, are you backing up your data, do you use encryption, and do you perform risk assessments are now becoming commonly asked as part of the cyber liability underwriting process.
AUDITS ARE NOW COMMONPLACE
Just in the last 12 months, we have fielded many more inbound inquiries from our clients that came, in turn, from their insurance brokers and carriers. Each is looking for detailed answers and proofs to these comprehensive audits. This leads to a deeper involvement and willingness to engage on how to minimize their risk exposure and lower the cost of coverage. Even just to maintain any coverage at all, in some cases.
As cyber insurance carrier reevaluation continues, I believe we will see further widespread change happening throughout the world as many race to shore up their internal security practices – just to get sufficient coverage and protection.
Need help navigating cyber security compliance requirements? Our team can help!
Beringer Technology Group, a leading Microsoft Gold Certified Partner specializing in Microsoft Dynamics 365 and CRM for Distribution also provides expert Managed IT Services, Backup and Disaster Recovery, Cloud Based Computing, Email Security Implementation and Training, Unified Communication Solutions, and Cybersecurity Risk Assessment.