So you have purchased Cyber Insurance, now what?
So after a lengthy discussion with your current insurance broker you have taken their recommendation on taking out Cyber Insurance. The limit and coverage is adequate for your business and survival should anything happen. Now what?
The file with the invoices and policy wordings are now retired to the bottom draw in the COO or the CFO’s office, and only to be reminded at renewal next year if there are any changes to the business description or limits for the Cyber cover, right? WRONG.
Taking out the insurance policy is a vital step towards protecting your business and a great risk transfer, but not the only step to business survival.
Recently chatting with Milind Sheth from PKF Forensics and Risk Services & Stuart Davis from Cecuri around Cyber protection; both commented that business continuity planning and cyber audits are on the rise.
Milind claimed that historically Business Continuity planning were normally conducted at the big end of town with clients with large infrastructure and with a large exposure. This has changed over the last year as more SME businesses are aware of not only obligations to clients, but increased demands from ransomware and likelihood of a cyber breaches that could sink the business.
Stuart Davis from Cecuri who has been involved with Cyber audits and risk prevention for a few years has also seen a dramatic rise. `You turn on the news and someone either here or abroad has had data stolen because someone found a way into the business. Companies assume that all we need to do install an anti-virus or firewall, and wait for the pop up reminder that the software needs to be updated. Stuart said.
What both Milind & Stuart shared that is not only concerning but is alarming is the rise of breaches that are occurring due to internal procedures and lack of organisation control or outsourcing the problem to IT or overseas and expecting them to fix it when it hits the preverbal fan.
So what now? Having organisations such as PKF & Cecuri complete Cyber audits and Business Continuity planning is key. Both organisations should be treated as professional advisors (similar to the broker relationship). With a basic audit costing as low as $5,000 + GST, it is a low cost risk management tool. This will allow you as the business owner to have a better understanding on areas that are exposed and ways to mitigate those exposures.
Just remember, prevention is always better than the cure.
Strategic Growth Manager