Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    [mc4wp_form id=3515]
    What's Hot

    Name That Toon: Last Line of Defense

    April 16, 2024

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    April 16, 2024

    Middle East Cyber Ops Intensify, With Israel the Main Target

    April 16, 2024
    Facebook Twitter Instagram
    • Privacy Policy
    • Contact Us
    Facebook Twitter Instagram Pinterest Vimeo
    AI Home SecurityAI Home Security
    • Home
    • Home Security
    • Cyber Security
    • Biometric Technology
    Contact
    AI Home SecurityAI Home Security
    Home»Cyber Security»‘Skinny’ Cyber Insurance Policies Create Compliance Path
    Cyber Security

    ‘Skinny’ Cyber Insurance Policies Create Compliance Path

    justmattgBy justmattgMarch 9, 2023No Comments4 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email

    [ad_1]

    “Everybody says it, so it must be true” is an example of the bandwagon logical fallacy. In the context of cyber insurance, the argument goes that everyone is a potential victim of an attack, thus everybody must have cyber insurance. In reality, not every organization can afford to buy cyber insurance, and there are organizations that don’t qualify for a policy even if they want one.

    Having cyber insurance used to be as simple as purchasing a prepackaged cyber insurance policy, similar to the process of buying a home or car insurance policy. With the explosion of ransomware attacks, the industry has been in disorder as insurance carriers and brokers process claims for damages caused by ransomware. In response to soaring claims, carriers are reducing the amount of coverage offered per policy, charging higher prices for less coverage, imposing much tighter rules on who can qualify for coverage, and cancelling policies for companies that don’t meet the minimum requirements.

    Policy coverages are significantly lower than they used to be, in some cases dropping from $10 million to $5 million and often lower, and many companies cannot get enough, says J. Andrew Moss, a partner at Reed Smith LLP’s Insurance Recovery Group. “You have to fill in the gaps, and that’s very tough because capacity has just been low or companies are priced out from buying as much insurance as they would ideally like to buy,” he adds.

    Coverage Required, But Out of Reach

    For victims of a ransomware attack or a hacking attack where private information was disclosed, it can be difficult to obtain new policies. “What we usually recommend is that they undergo what we call a holistic review of their current insurance coverage,” says Moss. The review includes general liability coverage, kidnap and ransom, property, first-party property insurance, and errors and omission, if they’re in a professional services organization.

    Some contracts and compliance regulations require that a company have a cyber insurance policy — posing a quandary for those companies that lose coverage. Without coverage, the company will find itself out of compliance or be vulnerable to a partner lawsuit for violating the terms of an existing contract. Getting some kind of cyber insurance policy often is mandatory, even if the company has other policies that could cover many of the losses a company might experience.

    “It’s not a comfortable time to be in business with respect to cyber risks,” says Daniel J. Struck, a partner at the law firm Culhane Meadows PLLC. Characterizing today’s cyber insurance market as being similar to the Wild West, Struck said he would not be surprised to see “relatively low-cost cyber insurance that doesn’t cover much, but at least it provides the certificate for a contractor.” He likens such “skinny” cyber insurance offerings to the low-cost, low-coverage auto insurance policies that allow drivers to meet US state auto insurance mandates.

    Bare Minimum Provides a Fig Leaf

    One benefit of a basic policy is that it could permit more organizations to obtain affordable coverage, eliminating the possibility of losing insurance and going out of compliance or violating contractual obligations.

    Curtis Dukes, executive vice president and general manager for security best practices at the Center for Internet Security (CIS), notes that most corporate cyber insurance policies are negotiated by the corporate general counsel or outside counsel, and virtually all business policies are different. Underwriting these policies can take up to three months, he adds, due to their complexity and nonstandard clauses.

    CIS offers a free self-assessment tool that helps users understand the financial impact of various aspects of a breach, including costs related to productivity, response, replacement, legal, competitive advantages, and reputation. The tool helps companies assess, report, and propose changes in cybersecurity controls based on a return-on-investment analysis, the organization says.

    As all states have their own insurance commissioner and rules, Dukes suggests that companies lobby the National Association of Insurance Commissioners directly to develop national, standardized policies that would be easier for organizations to understand and manage, as well as set minimum requirements for a basic policy. A copy of the NAIC’s 2022 Report on the Cyber Insurance Market can be found here, with its discussions on cyber insurance, committee actions, and resources located here.

    [ad_2]

    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleNew Security Flaws Could Allow Code Execution Attacks
    Next Article Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware
    justmattg
    • Website

    Related Posts

    Cyber Security

    Name That Toon: Last Line of Defense

    April 16, 2024
    Cyber Security

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    April 16, 2024
    Cyber Security

    Middle East Cyber Ops Intensify, With Israel the Main Target

    April 16, 2024
    Add A Comment

    Leave A Reply Cancel Reply

    Demo
    Stay In Touch
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    Cyber Security

    Name That Toon: Last Line of Defense

    justmattgApril 16, 2024

    [ad_1] The enemies are always getting closer, using the same advanced technologies as security pros…

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    April 16, 2024

    Middle East Cyber Ops Intensify, With Israel the Main Target

    April 16, 2024

    Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks

    April 16, 2024

    Subscribe to Updates

    Get the latest creative news from SmartMag about art & design.

    [mc4wp_form id=3515]
    Demo
    Top Posts

    Name That Toon: Last Line of Defense

    April 16, 2024

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    April 16, 2024

    Middle East Cyber Ops Intensify, With Israel the Main Target

    April 16, 2024
    Stay In Touch
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Latest Reviews
    Cyber Security

    Name That Toon: Last Line of Defense

    justmattgApril 16, 2024

    [ad_1] The enemies are always getting closer, using the same advanced technologies as security pros…

    Cyber Security

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    justmattgApril 16, 2024

    [ad_1] Apr 16, 2024NewsroomSupply Chain / Software Security Security researchers have uncovered a “credible” takeover…

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    [mc4wp_form id=3515]
    Demo
    MOST POPULAR

    Name That Toon: Last Line of Defense

    April 16, 2024

    California mountain lion P-22 left mark on wildlife conservation

    January 1, 2023

    Congress Again Writes To Home Minister Amit Shah Over Rahul Gandhi’s Security

    January 1, 2023
    OUR PICKS

    Name That Toon: Last Line of Defense

    April 16, 2024

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    April 16, 2024

    Middle East Cyber Ops Intensify, With Israel the Main Target

    April 16, 2024

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    [mc4wp_form id=3515]
    Facebook Twitter Instagram Pinterest
    • Privacy Policy
    • Contact Us
    AI Home Security © 2025 All rights reserved | Designed By ESmartsSolution

    Type above and press Enter to search. Press Esc to cancel.

    ↑