There is more to a cyber insurance policy than contract terms alone. When considering a cyber insurance policy, it’s important to understand the components, considerations, and costs to ensure you are making an informed decision that best fits your company’s needs.
Think about this checklist to help guide your evaluation with your insurance advisor:
Inquire about the carrier’s commitment to cyber insurance products. A carrier that specializes in cybersecurity coverage is more adept to navigate the intricacies of the cyber landscape and support you through a cyber event.
Specialty Endorsements and Policy Wording
Review the policy and endorsements with your advisor to ensure that it matches your unique exposure. Many carriers have endorsements that broaden coverages to match particular industry classes. Review policy forms to determine if there are additional coverages like Media Liability, Technology E&O, or Miscellaneous Professional Liability that may have potential coverage overlaps.
Knowledge in Cyber Event Handling
Know the carrier’s expertise and knowledge in handling cyber events. The carrier you are considering should have a dedicated cyber claims team and panel of vendor partners that aligns with your current IT infrastructure. Do your research on the vendors to confirm the breadth of the panel is appropriate for your risk. Speed is of the essence in these situations, so the claims team should respond quickly. Also ask how outside counsel is involved – outside of the breach coach, find out if any other law firms would be involved in the review and management of the claim.
Are you working with a carrier or managed general underwriter? The evolution of the insurtech sector has given several entrepreneurs in the tech field the opportunity to create new mechanisms for underwriting on behalf of insurers and reinsurers. Finding out who pays the claims in an event is important to vet prior to binding coverage.
Investigate the carrier’s claims handling experience. Look for reviews and feedback from policyholders regarding their satisfaction with the claims process, including asking your advisor about their own experiences with other clients. A carrier with a track record for preventing claims indicates a proactive approach to thwarting cyber events before they occur.
Inquire about the carrier’s data analytics capabilities. Find out if they have access to extensive data sources and if they use this data to stay informed about emerging cyber risks and events. Also determine if the carrier shares valuable cyber threat data with clients to help better understand and mitigate cyber risks.
Learn more about the services available to you based on the purchase of your insurance policy. Carriers offer many complimentary services, including threat scanning and training, and many discounted resources to boost your IT infrastructure.
Outsourced Security Operations Center (SOC)
Look into the availability of an outsourced Security Operations Center (SOC) if your business doesn’t have a dedicated IT security team. A SOC continuously evaluates threats and events, providing timely notifications and actionable steps to help prevent victimization.
Longevity in the Market
Talk with your insurance advisor about the carrier’s track record and longevity in the cyber insurance market. Companies with a solid history are more likely to have long-term vendor relationships and offer more robust and tested coverage.
Combine this checklist with the expertise of an experienced advisor to help you find the cyber insurance policy that best aligns with your organization’s needs. A robust policy is more than numbers and contract conditions, but rather a comprehensive strategy to help reduce your risks and exposures in a complex cyber landscape.
Contact us so together, we can find the cyber solutions that best fit your needs.
This material has been prepared for informational purposes only. BRP Group, Inc. and its affiliates, do not provide tax, legal or accounting advice. Please consult with your own tax, legal or accounting professionals before engaging in any transaction.