Cybersecurity Insurance: Get Covered to Know and Maintain Your Posture

In October, our CEO Dan DeCloss discussed the state of cybersecurity insurance in a webinar with Jake Williams, co-founder and CTO at BreachQuest, and Mark Camillo, CEO at CyberAcuView. What, you may ask, does PlexTrac, a cybersecurity reporting and workflow management platform, have to say about breach insurance? Well, the major takeaways of the conversation emphasize the importance of gaining control of your security posture and offering attestation of it in order to qualify for and maintain cybersecurity insurance:

  1. Don’t expect cybersecurity insurance providers to always provide full coverage.
  2. Organizations may not receive coverage due to their lack of preventive security strategies and management.
  3. Risk management maturity has become the qualification and gauge for providing coverage. 
  4. Cybersecurity insurance providers are increasing exclusions in their policies as a reaction to companies not maintaining a good security posture over time. 
  5. Cybersecurity insurance providers are becoming more involved in incident response (IR) to keep an eye on posture, including decisions and ransomware payment negotiations.

Whether your organization already has cybersecurity insurance, is looking to get it, or wants to understand more about it, check out Cover the Inevitable with Cybersecurity Insurance: An Expert Panel Discussion. Learn why cybersecurity insurance is becoming a necessary part of a robust security program and how to put yourself in the best position to acquire and maintain competitive premiums with your risk management practices.

Just Having a Policy Doesn’t Ensure Coverage

Event management, data security, business interruption, and liability are the four main categories that require coverage when a breach occurs. To assess cybersecurity insurance coverage, providers review the company's latest security audit and documentation from approved security assessment tools. Providers may also have their own audit team review and evaluate the breach. After reviewing the security details, cybersecurity insurance providers decide whether to provide full, partial, or no coverage. A company may not receive any coverage after a breach if the insurance provider determines the company is responsible for any of the following actions or inactions contributing to the breach:

  • Had insiders, such as employees, involved in the cause of the breach
  • Had a weak infrastructure 
  • Failed to act on a known vulnerability and became compromised from that very vulnerability
  • Did not have an up-to-date IR plan and/or risk management products to know its own environment
  • Did not upgrade systems and/or tools

Understanding how an organization assesses and analyzes its security is crucial for insurance providers to determine how much coverage they should provide when a breach occurs and/or how to recalculate premiums. If an organization isn’t maintaining its asset inventory over time and its vulnerability management is lacking, insurance providers will push back. Insurance providers want to see a picture of the policyholder’s security posture over time.

Know Your Environment to Receive Coverage

To qualify for the best premiums and ensure they receive as much coverage as possible in the event of a breach, organizations should emphasize continuous security management and tracking. Doing so allows companies to detect and fix breaches rapidly and to demonstrate a robust strategy, both of which will increase the likelihood of receiving full coverage from the provider.

Learn more about how PlexTrac, the premier cybersecurity reporting and workflow management platform, can help you gain a real-time view of your security posture.