In Part I of this two-part series “Cyber Insurance – Have You Read the Fine Print?” we wrote of the importance of carefully reviewing clauses when it comes to your Cyber Insurance policy. If you haven’t read the article, take a look here for some great insight into some seldom-known facts.
What is better known to many policy holders are coverage limits – the maximum amount of money an insurance company will pay or reimburse you for a covered loss. When evaluating what limits to choose, your business must take into consideration:
- The number of sensitive records your business stores
- The type of data used
- What your company stands to lose if a data breach occurs, including productivity loss, reputation cost, exposure to civil suits relating to the breach, and possible regulatory fines
For example, a mid-sized Financial Firm may incur the following costs in the event of a cyber-attack:
Cyber Insurance & Ransomware (Cyber Extortion)
Cyber Insurance & Data Breach
Per Record Method of Cost Estimation:
Approx. avg of $150 per breached record – think “rows on a spreadsheet” where
each row = 1 record.
Granular Method of Cost Estimation:
- $30-45k in forensic costs
- 4-6 hours in IT investigation & remediation
- Lost productivity for compromised account/executives who have to deal with breach
- unknown cost of legal fees
- Possible additional costs related to notification/credit monitoring for victims
Cyber Insurance & Business Email Compromise
Much like a Data Breach, but if the account breached had no possible access to Personally Identifiable Information/Personal Financial Information/Personal Health Information, this may be able to be remediated in 4-6 hours of IT investigation & remediation time.
There are a large number of variables at play when it comes to assessing the financial and business risks associated with cybercrime. Cyber Insurance can be complicated; LMT is here to simplify the complexities of IT for your company. LMT can work with your insurance agent and ask the right questions to help you best plan for, guard against, and defend cyber-attacks.
James Keeler, CISSP
LMT Cybersecurity Manager