In October, our CEO Dan DeCloss discussed the state of cybersecurity insurance with Jake Williams, co-founder and CTO at BreachQuest, and Mark Camillo, CEO at CyberAcuView on a webinar. What, you may ask, does PlexTrac, a cybersecurity reporting and workflow management platform, have to say about breach insurance? Well, the major takeaways of the conversation emphasize the importance of gaining control and offering attestation of security posture to qualify and maintain cybersecurity insurance:
Whether your organization already has cybersecurity insurance, is looking to get it, or wants to understand more about it, check out Cover the Inevitable with Cybersecurity Insurance: An Expert Panel Discussion. Learn why cybersecurity insurance is becoming a necessary part of a robust security program and how to put yourself in the best position to acquire and maintain competitive premiums with your risk management practices.
Event management, data security, business interruption, and liability are the main four categories that require coverage when a breach occurs. In order to assess cybersecurity insurance coverage, providers review the latest security audit of the company and documentation from approved security assessment tools. Providers may also have their own audit team review and evaluate the breach. After reviewing security details, cybersecurity insurance providers decide to provide full, partial, or no coverage. A company may not receive any coverage after a breach if the insurance provider determines the company is responsible for any of the following actions or inactions contributing to the breach:
Understanding how an organization assesses and analyzes its security is crucial for insurance providers to determine how much coverage they should provide when a breach occurs and/or how to recalculate premiums. If an organization isn’t maintaining their asset inventory over time and vulnerability management is lacking, insurance providers will push back. Insurance providers want to see a picture of the policy holder’s security posture over time.
To qualify for the best premiums and assure they will qualify for as much coverage as possible in the event of a breach, organizations should emphasize continuous security management and tracking. Doing so allows companies to detect and fix breaches rapidly and to demonstrate a robust strategy, both of which will increase the likelihood of receiving full coverage from the provider.
Learn more about how PlexTrac, the premier cybersecurity reporting and workflow management platform, can help you gain a real time view of your security posture.