Cyber Insurance – again!

Posted on by hoinvip

It’s interesting to see the NCSC’s recently published guidance on Cyber Insurance (https://www.ncsc.gov.uk/guidance/cyber-insurance-guidance).

As you’d expect, it’s a useful “short-read” on things to consider and helpfully offers sound, constructive suggestions.

While I think the article is good, it raises a really important question that remains unanswered, which is: HOW does your business actually – and effectively – communicate their organisational risk; a potentially very complex level of cyber security maturity; and, most importantly, their own specific insurance coverage needs, to their insurance broker?

The challenge is that nearly every general insurer – or broker – will not have a precise policy offering that meets these very specific needs and will not readily have the technical knowledge or understanding to translate “cyber” into “insurance” language.  

IASME’s Cyber Essentials-linked insurance offering provides a decent baseline level of protection for the majority of small enterprises but it should not be expected to provide a “one size (premium), fits all policy”.  Many organisations will need to think very carefully about where gaps might exist and what additional help they will need to address them.  

Over the past 12-18 months at 4Secure, we’ve been working with leading insurance consultant Richard Storey (https://www.linkedin.com/in/richard-storey/) to think through these issues in greater depth.  In doing this, we’ve explored the best way to guide insurers, brokers and customers through the cyber risk landscape using clear, jargon-free advice.  

Our aim was to ensure that brokers can competently recommend and sell appropriate products and services, and that buyers equally benefit by ensuring their coverage, and premiums, are fine tuned to their specific needs and risk exposure.

As a result, our five-step cyber risk management methodology is clear, simple and enables buyers to demonstrate evidence of their compliance and protective controls to ensure that any incident is swiftly and effectively managed with appropriate expert support.

To learn more, pay a visit to our website (https://www.4-Secure.com) and get in touch.