Asking the Right Questions About Cyber Insurance

One of the ways business stakeholders attempt to reduce risk (or, at least, offset the potential impact of consequences), is by buying cybersecurity breach insurance. Most of our clients have it—some because they want it, others because they’re required to carry it by regulation.

In this post, I’ll look at what your expectations and outcomes should be for cyber insurance, and how we should view it in the context of other cybersecurity solutions, like managed detection and response. I also talk pitfalls of thrown-together cost/benefit analyses, and the impacts on your business (and state of mind) if you treat this as a replacement for security. If you have purchased or are considering purchasing cyber insurance, I urge you to follow the path to the Nth degree and assess whether having an insurance policy that pays out will actually benefit your business.

DevOps Connect:DevSecOps @ RSAC 2022

Spoiler alert – getting to the right questions require you to specify (and, possibly reset) your expectations about how cyber insurance should help.

What Cyber Insurance Does

Like other kinds of insurance, cybersecurity breach insurance can help the unexpected—in this case, the offsetting some of the costs and potential liability associated with data breaches.

For small to medium-sized enterprises (SMEs) that might be operating on slim budgets and are asking themselves “Should I purchase breach insurance?” these policies can provide some peace of mind in the event of a breach. On average, businesses are down between three to five days following an incident, and all the while there are costs and obligations that you need to attend to—employee salaries, customer service, and even just keeping the lights on. Not to mention that if you lack the resources or staff to build your own enterprise-grade security operations center, you may need outside help to get your systems back (Read more...)

*** This is a Security Bloggers Network syndicated blog from IntelliGO MDR Blog authored by Effi Lipsman. Read the original post at: