Though cyber insurance is certainly a much needed fallback plan in case of a cyber-attack, it should also only be a backup. There is no substitute for a solid and layered cyber defense plan. One of the issues in the cyber insurance world, however, is that due to the cyber security test that many firms often give in order to determine whether or not that company is worth the risk of insuring, many companies that have poor defenses and need insurance cannot get it. In that way it is an interesting Catch-22 situation: the companies that need cyber insurance the most do not have access to it, while those businesses that are properly prepared need it less. Good defense comes from several parts working as a whole, and cyber defense is no exception. This includes working together with your insurer to determine how much risk you are willing to offset through insurance, and how your company plans to address the risk that comes with such a plan. Instead of relying on a cyber insurance plan, focus on your company’s own risk and minimize any potential vulnerabilities.
Leave a Reply