6 things to check in your cyber insurance policy fine print

<p>Cybersecurity insurance has never been a “must-have” purchase for enterprises, with many still forgoing any form of coverage. Others, however, have found it attractive as a way to hedge against the failure of their cybersecurity investments.</p>
<p>Cyber insurance can help an enterprise cover incident-related costs, such as fines for allowing personally identifiable information to leak or new laptops to replace those bricked by ransomware. In addition to financial support, some insurers can provide incident response assistance, ranging from expert technical advice and regulatory compliance guidance to <a href="https://www.techtarget.com/searchdisasterrecovery/tip/How-to-manage-and-mitigate-reputational-risk">crisis-specific public relations support</a>.</p>
<p>But, as with other forms of insurance, cybersecurity insurers are ready and willing to disallow claims. And, for many years, they raised rates rapidly as they realized the true extent of enterprise vulnerabilities and saw how quickly the universe of threats evolved.</p>
<p>In the last couple of years, the rise in premiums has slowed and has sometimes even reversed itself — if certain conditions are met. Typically, insurers require enterprises to have in place cybersecurity measures that should be baseline practices in all enterprises but, sadly, still are not. That includes controls such as the following:</p>
<ul class="default-list">
<li>Comprehensive use of MFA.</li>
<li>Deployment of endpoint detection and response.</li>
<li>Adoption of write-once, <a href="https://www.techtarget.com/searchstorage/tip/Immutable-storage-What-it-is-why-its-used-and-how-it-works">immutable</a> storage for backups.</li>
</ul>
<p>In addition to requiring companies to practice <a href="https://www.techtarget.com/searchsecurity/definition/cyber-hygiene">cyber hygiene</a> and properly deploy key security technology, insurers can require that potential clients create internal policies covering a wide range of standard cyber risks — e.g., requiring the disabling of former employees’ accounts as soon as they leave the organization. Insurers will also want audit-based evidence of ongoing, uniform enforcement of those policies — e.g., that accounts are actually being disabled every time a staff member is fired or quits. If a breach occurs because the organization failed to follow the policy and did not immediately disable an employee’s account upon termination — thus allowing <a href="https://www.techtarget.com/searchsecurity/tip/Five-common-insider-threats-and-how-to-mitigate-them">him or her to access systems and data</a> — the insurance company will likely dispute any claim.</p>
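<p>The audit evidence described above is, in practice, a reconciliation: every HR termination should map to a directory account that was disabled within the policy window, and anything that does not is a gap the insurer can point to. The following Python is an added example, not code from the article or from any HR or directory product; the record shapes, the 24-hour window and the sample data are all constructed assumptions. It reports the offending accounts and an enforcement rate that can be produced on a schedule and kept as evidence.</p>

```python
"""Offboarding-enforcement audit: reconcile HR terminations against directory
account state. Added example with assumed record shapes; a real run would
pull terminations from the HRIS and accounts from the directory."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass(frozen=True)
class Termination:
    user: str
    terminated_at: datetime


@dataclass(frozen=True)
class Account:
    user: str
    enabled: bool
    disabled_at: Optional[datetime]  # None when still enabled or not recorded
    last_logon: Optional[datetime]


def audit_offboarding(terminations, accounts,
                      max_delay=timedelta(hours=24), now=None):
    """Return (violations, enforcement_rate).

    A termination is a violation when the account is still enabled, was
    disabled later than `max_delay` after the termination, was disabled but
    has no timestamp to prove when, or has no directory record at all (an
    account the organization cannot attest to either way)."""
    now = now or datetime.now(timezone.utc)
    by_user = {a.user: a for a in accounts}
    violations = []
    for t in terminations:
        acct = by_user.get(t.user)
        deadline = t.terminated_at + max_delay
        if acct is None:
            violations.append((t.user, "no directory record"))
        elif acct.enabled:
            detail = "still enabled"
            # A logon after the termination date is the case the insurer
            # will dispute hardest, so call it out explicitly.
            if acct.last_logon and acct.last_logon > t.terminated_at:
                detail += ", logon after termination"
            violations.append((t.user, detail))
        elif acct.disabled_at is None:
            violations.append((t.user, "disabled, no timestamp"))
        elif acct.disabled_at > deadline:
            violations.append((t.user, "disabled late"))
    rate = 1 - len(violations) / len(terminations) if terminations else 1.0
    return violations, rate


# Constructed sample data (not real users or events), all in UTC.
UTC = timezone.utc
NOW = datetime(2024, 3, 10, tzinfo=UTC)
SAMPLE_TERMINATIONS = [
    Termination("alice", datetime(2024, 3, 1, 9, tzinfo=UTC)),
    Termination("bob", datetime(2024, 3, 2, 17, tzinfo=UTC)),
    Termination("carol", datetime(2024, 3, 3, 12, tzinfo=UTC)),
    Termination("dave", datetime(2024, 3, 4, 10, tzinfo=UTC)),
    Termination("erin", datetime(2024, 3, 5, 8, tzinfo=UTC)),
]
SAMPLE_ACCOUNTS = [
    # disabled six hours after termination: compliant
    Account("alice", False, datetime(2024, 3, 1, 15, tzinfo=UTC),
            datetime(2024, 2, 28, tzinfo=UTC)),
    # never disabled, and used after leaving
    Account("bob", True, None, datetime(2024, 3, 4, 11, tzinfo=UTC)),
    # disabled, but well past the 24-hour window
    Account("carol", False, datetime(2024, 3, 5, 9, tzinfo=UTC), None),
    # dave has no directory record at all
    # erin is disabled but nobody recorded when
    Account("erin", False, None, None),
]

if __name__ == "__main__":
    found, rate = audit_offboarding(SAMPLE_TERMINATIONS, SAMPLE_ACCOUNTS, now=NOW)
    for user, detail in found:
        print(f"{user}: {detail}")
    print(f"enforcement rate: {rate:.0%}")
```

<p>Run against the constructed sample, the audit flags four of five terminations and an enforcement rate of 20%; a compliant environment would produce an empty list and 100%, and that empty list, archived per run, is the kind of uniform-enforcement evidence the text says insurers ask for.</p>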
<div class="youtube-iframe-container">
<iframe id="ytplayer-0" src="https://www.youtube.com/embed/OhVcvGC_XNM?autoplay=0&amp;modestbranding=1&amp;rel=0&amp;widget_referrer=null&amp;enablejsapi=1&amp;origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0"></iframe>
</div>
<section class="section main-article-chapter" data-menu-title="Devil in the details">
<h2 class="section-title"><i class="icon" data-icon="1"></i>Devil in the details</h2>
<p>While coverage is not getting steadily more expensive, the scope of coverage is getting more sharply defined and often narrower. Enterprises that do not carefully review policy changes during renewal, or that are only now getting into the market, might find their coverage is not what they were counting on or hoping for.</p>
<blockquote class="main-article-pullquote">
<div class="main-article-pullquote-inner">
<figure>
Enterprises that do not carefully review policy changes during renewal, or that are only now getting into the market, might find their coverage is not what they were counting on or hoping for.
</figure>
<figcaption>
<strong>John Burke</strong>Research analyst and CTO, Nemertes Research
</figcaption>
<i class="icon" data-icon="z"></i>
</div>
</blockquote>
<p>Things to look for when reviewing a cyber insurance policy’s fine print include the following:</p>
<h3>1. Patching latency</h3>
<p>Insurers sometimes require IT staff to install patches for known vulnerabilities within a specified window of their release. They can even include a policy requirement that an enterprise’s third-party service providers meet a similar threshold. Failing to <a href="https://www.techtarget.com/searchenterprisedesktop/tip/Use-this-10-step-patch-management-process-to-ensure-success">patch in a timely way</a>, or engaging service providers that fail to, can lead to insurers rejecting related claims.</p>
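<p>A patching-latency clause is only defensible if the organization can show, per host, how many days elapsed between a fix's release and its installation, including hosts run by third-party providers. The Python below is an added example, not the article's or any vendor's code: the severity windows, the advisory identifiers, the host inventory and the install records are all constructed. It treats a host with no install record as unpatched as of today, because a missing record is exactly what an insurer will read as a missed window.</p>

```python
"""Patch-latency SLA report: days between a fix's release and its install on
each inventoried host. Added example with assumed policy windows and
constructed data; real input would come from the vulnerability feed and the
patch-management system."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Assumed policy windows in days, by severity; an insurer's actual numbers
# would come from the policy wording.
SLA_DAYS = {"critical": 7, "high": 14, "medium": 30, "low": 90}


@dataclass(frozen=True)
class Advisory:
    patch_id: str      # placeholder identifier, not a real advisory number
    severity: str
    released: date


@dataclass(frozen=True)
class InstallRecord:
    host: str
    patch_id: str
    installed: Optional[date]  # None when the patch is not yet installed


def patch_latency_report(advisories, installs, inventory, today):
    """Return (host, owner, patch_id, days_late) for every host/advisory pair
    that missed its window. `inventory` maps host -> owner ("internal" or the
    provider's name); a host with no record for an advisory counts as
    unpatched as of `today`."""
    installed_on = {(r.host, r.patch_id): r.installed for r in installs}
    late = []
    for adv in advisories:
        deadline = adv.released + timedelta(days=SLA_DAYS[adv.severity])
        for host, owner in inventory.items():
            effective = installed_on.get((host, adv.patch_id)) or today
            overdue = (effective - deadline).days
            if overdue > 0:
                late.append((host, owner, adv.patch_id, overdue))
    return late


def worst_by_owner(late):
    """Largest days-late per owner, so a third-party provider's lateness is
    visible separately from the enterprise's own."""
    worst = {}
    for _host, owner, _patch_id, days in late:
        worst[owner] = max(worst.get(owner, 0), days)
    return worst


# Constructed sample data; "ExampleMSP" is a placeholder provider name.
TODAY = date(2024, 2, 1)
SAMPLE_ADVISORIES = [
    Advisory("PATCH-A", "critical", date(2024, 1, 1)),   # due 2024-01-08
    Advisory("PATCH-B", "medium", date(2024, 1, 10)),    # due 2024-02-09
]
SAMPLE_INVENTORY = {"web01": "internal", "db01": "internal",
                    "msp-fw01": "ExampleMSP"}
SAMPLE_INSTALLS = [
    InstallRecord("web01", "PATCH-A", date(2024, 1, 5)),   # on time
    InstallRecord("db01", "PATCH-A", date(2024, 1, 12)),   # 4 days late
    InstallRecord("web01", "PATCH-B", date(2024, 2, 5)),   # on time
    InstallRecord("db01", "PATCH-B", None),                # not yet due
    # msp-fw01 has no records at all: PATCH-A counts as 24 days late today
]

if __name__ == "__main__":
    report = patch_latency_report(SAMPLE_ADVISORIES, SAMPLE_INSTALLS,
                                  SAMPLE_INVENTORY, TODAY)
    for host, owner, patch_id, days in report:
        print(f"{host} ({owner}) {patch_id}: {days} days past window")
    print(worst_by_owner(report))
```

<p>On the sample, the report lists the internal database host four days late and the provider-run firewall 24 days late on the critical fix, while the medium fix is still inside its window; the per-owner summary is what makes the third-party clause in the text checkable at renewal time.</p>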
<h3>2. Third-party

[…]

This article has been indexed from Search Security Resources and Information from TechTarget