Increasing your organization’s cyber insurability.
By Dennis Ast, CPCU, CCIC
The cyber insurance market continues to change. As the market has become more challenging, cyber insurers are more selective about who they choose to insure.
Some of the key changes that cyber insurance carriers are making include:
- Lower coverage limits
- Increased retentions
- Higher premiums
- Coinsurance on some coverages
- New endorsements that further limit coverage
Insurers are requiring organizations to fill out full applications and ransomware supplementals, complete cyber assessments to search for vulnerabilities and add subjectivities to quotes to minimize their exposure to risk. These requirements are driven by an increase in number of cyber-attacks, which is resulting in higher claim payments being made by cyber carriers. Cyber insurers are looking for clients that have developed strong cyber hygiene and resiliency. If you or your company haven’t stayed current with your cyber security, obtaining cyber insurance may be a challenge.
Cyber carriers want to offer their optimum terms to those who have best-in-class cyber security programs. There are steps that organizations can take to increase their insurability.
Below are the steps you can take to increase your insurability:
- Start the renewal process four to six months prior to the renewal date
- Obtain a cyber vulnerability assessment and resolve all vulnerabilities
- Implement Multi-Factor Authentication (MFA) – especially on email and remote access
- Secure Remote Desktop Protocols (RDP)
- Implement Endpoint Detection and Response (EDR)
- Enable email security
- Keep all Devices and Applications patched and up to date
- Encrypt all sensitive data
- Remove/replace end of life or end of support software
- Have back-ups – regular, encrypted, air-gaped & tested
- Develop and practice a cyber incident response plan
By increasing your cyber resiliency and hygiene, cyber carriers are more likely to offer better renewal terms to your organization. OneGroup can help you to build a strong cyber program that will increase your organization’s chances of obtaining cyber coverage.