Beyond the policy: 5 considerations for partnering with your insurer for cyber resilience

Written by David Reed, AVP, Cyber Risk Engineer at Sompo.

Cyber threats are a unique category of risk and cyber insurance at its best delivers more than just financial protection to meet this risk.

In the past, cyber insurance was reactive – you filed a claim to offset the costs of an incident after it happened. But today, leading carriers are proactive partners in helping businesses protect their systems and data before a breach ever takes place.

Ask your broker or insurer about what cybersecurity services are provided with your policy. In addition, your carrier can often connect you with trusted IT vendors who can support your overall cybersecurity program. Here are five key services to look out for:

1. Incident response planning: Developing and testing a detailed incident response plan can help your business respond rapidly to cyber incidents. The plan should assign key roles and responsibilities, define steps in your response, and provide a pathway for rapidly restoring your systems and data from backups. Your insurer or a trusted cybersecurity vendor can provide templates and guidance to help build a plan customized for your business.
2. Tabletop exercises: Your insurer can often help your organization conduct tabletop exercises that simulate breach scenarios and put your incident response plan to the test. Tabletop exercises prepare IT teams and company leadership to take rapid, confident action in response to attacks. Tabletop exercises can also help identify gaps in your cybersecurity and response planning before an incident takes place. Planning and preparing for a breach can potentially reduce downtime from days or weeks to just hours.
3. Network scanning: Open ports, unpatched Common Vulnerabilities and Exposures (CVEs), and exposed services are all vulnerabilities that are often exploited by attackers. Your insurer or a trusted vendor can assist with regularly scheduled network scans that enable you to identify and remediate vulnerabilities.
4. Backups: Simply creating and storing data backups is not sufficient to protect your business. Your insurer or security vendor can help you establish or strengthen your backup program that includes frequent, segmented backups with secure immutable offsite storage. It is also essential to test your backups to ensure that you can rapidly restore systems and data in the event of a breach. Backups are the last line of defense from a cyberattack and they are especially important for industries such as manufacturing and logistics where every hour of downtime can lead to significant losses.
5. Endpoint detection and response: EDR tools closely monitor your organization’s IT endpoints, including PCs, mobile devices, servers, and network connected equipment. These tools look for unusual activity and speed response by removing malicious files, reversing changes, restoring settings, and more. Your insurer may be able to provide access to leading EDR platforms at reduced rates.

Cybersecurity is a complex task, and cyber threats are continuously evolving. A cyberattack can cause more damage than just financial; an incident can hurt your reputation, derail your operations, and even threaten your organization’s viability.

In this environment, it no longer makes sense to think of cyber insurance simply as a tool for transferring financial risk. Instead, cyber policies from leading carriers serve a dual purpose: They provide financial protection and access to services that reduce risk and improve resiliency.

We connect our clients with more than a dozen trusted cybersecurity vendors who can assist with every step of strengthening cybersecurity posture. For many vendors, we have negotiated discounted rates for our clients. Reach out to your Sompo representative or broker to learn more. We are ready to partner on the critical task of strengthening your cyber resilience.

You can learn how to protect your small business against cyber threats with these six essential cyber hygiene steps.