RCR 011: Cyber Insurance Key Aspects - CISSP Study and Training!
Oct 15, 2018Description:
Shon Gerber from Reduce Cyber Risk.com reveals to you the steps each week the information you need to best protect your business and reduce your company’s cyber risk. Shon provides cybersecurity for business training and how you can begin to address the cyber risk for your daily business.
In this episode (Part 8), Shon will address, the key aspects around cybersecurity insurance such as: exclusions, security best practices, and so much more. This training is important for all companies, but more especially suited for Small and Medium-sized businesses.
Transcript:
welcome to the reduce cyber risk podcast where we give you the tools you need to meet your regulatory requirements while helping keep the evil hacker Hornet Bay hi my name is Sean Gerber and I'm your host for this action packed and forwarded podcast join me each week is I provide the information you need to protect your business and reduce your company cyber rest alright okay this episode where we talk about cyber security insurance and some key aspects you need to know as you're putting that within your business insurance is basically the premium aspect it sounds a wonderful is this is a premium you're getting for your business I don't know much about much being a very much of a premium but the interesting part that was you got to pay it right so it's more of an expense but it's not really a premium it's all right but the one thing you got to consider that you when you are looking for insurance for your business that a cybersecurity insurance something that you can put in place it will substantially reduce the cost of your insurance documentation while security practices and best practices that you put in did you do this documentation and you have these things in place that's just like it's like having the good student discount on your insurance policies that if you do these things and you can prove them in many cases it will dramatically reduce your in your Premium cost you have to spend for the cybersecurity insurance for your business the prices will fluctuate a lot based on the news so if you get something that happens within your within the news at somebody's been hacked bills been hacked so on and so forth that that price of that insurance is going to fluctuate and example this a few years back but the anthem breach and there's a lots of public data that was compromised variance in the pricing the more that thing hit and now granted cypress tree insurance is also more for overtime so back when that hit was about for 3-4 years ago now it's in a situation where there's more more policies out there and so you need to decide when you want to buy now it's all of a sudden everything hits and there's a big hack do you buy at that time your cyber security insurance will maybe maybe not if you don't buy it you're You're vulnerable but if you do spend you may overspend for that same old insurance think about it there's price negotiations negotiate the price that you're trying to accomplish with your cyber security insurance and you can use things like having a security framework having other things in place maybe a security person on retainer for you that you can put down as I have some Protections in place soap versus Beast being a business that doesn't have anything you now go to these companies and say you know what I've got a guy that's on retainer so Security Professionals on retainer for me and I've also got a security program in place and or I have put a framework in place that is watching what I do so I know what my access is I know who has access to the stuff I know do I have a anti-virus program in place so if you have those things that you're using you can then go back to the insurance company and see if you can get some sort of discount around that space cybersecurity is that even though they are happening a lot of Actuarial data so basically actuaries are the people that understand risk as it comes shirtspace will they know how often a tornado hits in Kansas which is actually gone down quite a bit but they know how often that occurs they know how often a tornado or a hurricane make it an area of the country or the world they understand that so they can therefore plan out that risk for those insurance rates well cybersecurity is still up in flocks and is more more breaches occur that's also going to change the policy in the pricing around that policy Tallassee and some potential cost that will quickly beyond what a potential lawsuit would be so the typical all she might be around the lawsuit or around what the mitigation pieces of that are you have to pay so much per disclosure of a certain record was its privacy information so forth but there's other aspects of other costs that many times people don't consider bit unless you're in the cybersecurity world or you understand that that vernacular is there a response do you have a plan in place to deal with your instant response are you hiring somebody bring somebody from the outside to go do that some really good vendors that will do that for you but that'll cost you and it can cost you some big money forensic experts okay so now you've been hacked you got to bring somebody in to actually find out what was compromised that's an additional cost above and beyond what it would cost just to tell everybody that they you've been hacked new equipment it's equipment so bad you got to get new equipment and it's just destroyed that will cost you something credit monitoring play for Experian credit monitoring for all accounts have been hacked and reality as a placebo but they have to do it right reputational loss that's in some cases can't be totally measured in the fact that if you get hacked and you lose all of your data and if your business is all about data so we'll use the example of Experian what the reason lost it that the Credit Agencies affected their bottom light affected what they do cuz they're all business is all about data so that breach is is one that they have to be aware of rebuilding recover your network okay so now you're not going to hack you don't know what to trust Wichita from the ground up so that's a cost that you're not really that's the only thing so key aspects you need to be aware of as it relates to insurance for your business
CISSP Cyber Training Academy Program!
Are you an ambitious Cybersecurity or IT professional who wants to take your career to a whole new level by achieving the CISSP Certification?
Let CISSP Cyber Training help you pass the CISSP Test the first time!