A firm without standalone cyber cover is effectively rolling the dice, hoping their other covers will protect them following a cyber-attack and accepting they will have to pay a higher excess as a result. On the other hand, simply having standalone cyber cover sends a message that the firm is committed to protecting its cyber security. Indeed, the ICO considers a firm’s insurance when evaluating their disclosures following a privacy breach – and has come down hard on those that appear to not have had a business continuity plan or disaster recovery plan in place.

Further to this, in a hardening insurance market, having a risk-aware culture can help a firm secure cover in the first place. Many insurers are tightening their requirements, writing cyber policies only for organisations with best-in-class multifactor authentication, as well as training on phishing, penetration testing, endpoint detection and response, and good patching hygiene. The cyber cover then helps the firm minimise any financial and reputational damage it suffers following an incident.

Source: our insurer partner Travelers

We are advising businesses to get in touch for a no obligation cyber insurance quotation designed specifically to protect your business.