Managing Risk with Cybersecurity Insurance

Companies are struggling to find the best way to manage risks associated with data breaches and cyber attacks. Cyber risk mitigation usually includes a robust, risk-based security program, regular assessments, and testing, but there’s no such thing as perfection. Organizations must constantly strive to thwart attackers’ efforts to penetrate their networks, while also mitigating the damage they can do if they succeed. Cyber liability insurance, or ‘cyber insurance,’ is one more step many organizations take to reduce harm in case of an attack. Cyber insurance can help protect you from the heavy costs of data breaches.

Should Small Companies Consider Cyber Insurance?

Many times, smaller organizations assume that attackers prefer to go after large companies. However, attackers work to exploit companies of all sizes. According to the 2021 Verizon Data Breach Investigations Report (DBIR), organizations with fewer than 1,000 employees accounted for 46% of all breaches. 

When evaluating the need for cyber insurance, there are many things to consider. Three key questions:  

  1. How much could a breach harm your company? 
  2. Does your company have sufficient resources to cover the costs and expertise needed in the case of a data breach? 
  3. Is your company’s cybersecurity program mature enough to successfully obtain cyber insurance? 

The average cost of a data breach in the United States is $9.44M, and the global average is $4.35M. However, it is important to understand the intangibles surrounding a data breach. How much could it damage your reputation and decrease sales and customer trust? According to research by IBM, 52% of SMBs have experienced a cyberattack in the last year, and 10% have experienced more than 10 cyberattacks.   

What Does Cyber Insurance Do?

Cyber liability insurance is designed to help an organization pay for business and legal fees as well as customer notifications, forensics experts, and recovering compromised data. 

The ability to obtain cyber insurance and its cost are based on the level and completeness of certain security safeguards including: 

  • Ransomware readiness and defense 
  • Data security and business continuity 
  • Identity, credential, and access management security 
  • Security monitoring and incident response 
  • Risk management 
  • Phishing defense 
  • Third parties’ & managed service providers’ defense 
  • Perimeter and internet defense

Better Security Makes It Easier to Get Cyber Insurance & Lowers Premiums

Due to the increasing number of successful attacks and data breaches, insurance companies continue to raise premiums. Additionally, the scope of coverage they provide is based on how well a prospective client completes detailed security assessments. Furthermore, many insurance companies are limiting how much they will pay on a claim if the breach falls within a policy exclusion. 

Examples of Well-Architected Framework at Work

Often, businesses lack the in-house expertise to properly identify and manage their risks. Many organizations can benefit from assistance creating comprehensive security programs that address requirements, including those from cyber insurers. That is where services organizations like Netrix can help. We make it our mission to ensure your business is always secure and protected from even the worst cyber criminals. Our expertise can help you create a new cyber security program or mature an existing one while helping you determine if you should purchase cyber insurance or retain your current insurance.

MEET THE AUTHOR

Alane Kochems

Alane Kochems is a Lead Security Consultant with Netrix Global and provides vCISO services to clients in multiple industries. She has over 20 years of experience working in cyber security, risk management, and technology policy.