There is more to a cyber insurance policy than contract terms alone. When considering a cyber insurance policy, it’s important to understand the components, considerations, and costs to ensure you are making an informed decision that best fits your company’s needs.
Think about this checklist to help guide your evaluation with your insurance advisor:
- Product Commitment
Inquire about the carrier’s commitment to cyber insurance products. A carrier that specializes in cybersecurity coverage is more adept to navigate the intricacies of the cyber landscape and support you through a cyber event.
- Specialty Endorsements and Policy Wording
Review the policy and endorsements with your advisor to ensure that it matches your unique exposure. Many carriers have endorsements that broaden coverages to match particular industry classes. Review policy forms to determine if there are additional coverages like Media Liability, Technology E&O, or Miscellaneous Professional Liability that may have potential coverage overlaps.
- Knowledge in Cyber Event Handling
Know the carrier’s expertise and knowledge in handling cyber events. The carrier you are considering should have a dedicated cyber claims team and panel of vendor partners that aligns with your current IT infrastructure. Do your research on the vendors to confirm the breadth of the panel is appropriate for your risk. Speed is of the essence in these situations, so the claims team should respond quickly. Also ask how outside counsel is involved – outside of the breach coach, find out if any other law firms would be involved in the review and management of the claim.
- Insurer Backing
Are you working with a carrier or managed general underwriter? The evolution of the insurtech sector has given several entrepreneurs in the tech field the opportunity to create new mechanisms for underwriting on behalf of insurers and reinsurers. Finding out who pays the claims in an event is important to vet prior to binding coverage.
- Longevity in the Market
Talk with your insurance advisor about the carrier’s track record and longevity in the cyber insurance market. Companies with a solid history are more likely to have long-term vendor relationships and offer more robust and tested coverage.
- Claims Experience
Investigate the carrier’s claims handling experience. Look for reviews and feedback from policyholders regarding their satisfaction with the claims process, including asking your advisor about their own experiences with other clients. A carrier with a track record for preventing claims indicates a proactive approach to thwarting cyber events before they occur.
- Data Analytics
Inquire about the carrier’s data analytics capabilities. Find out if they have access to extensive data sources and if they use this data to stay informed about emerging cyber risks and events. Also determine if the carrier shares valuable cyber threat data with clients to help better understand and mitigate cyber risks.
- Pre-Breach Services
Learn more about the services available to you based on the purchase of your insurance policy. Carriers offer many complimentary services, including threat scanning and training, and many discounted resources to boost your IT infrastructure.
- Outsourced Security Operations Center (SOC)
Look into the availability of an outsourced Security Operations Center (SOC) if your business doesn’t have a dedicated IT security team. A SOC continuously evaluates threats and events, providing timely notifications and actionable steps to help prevent victimization.
Combine this checklist with the expertise of an experienced advisor to help you find the cyber insurance policy that best aligns with your organization’s needs. A robust policy is more than numbers and contract conditions, but rather a comprehensive strategy to help reduce your risks and exposures in a complex cyber landscape.