When it comes to insurance reducing exposures is what underwriters generally focus on to determine the premium costs:

  1. Are you storing sensitive data?
  2. Are you running credit cards through your terminals?
  3. Is your staff trained in security?
  4. Do you run backup software and do you test these backups periodically?
  5. Are you using firewalls and AV software and is it up to date and managed?
  6. Do you have a 3rd party company or internal employees that specialize in managed your network and security?

Minimizing the exposure will effectively reduce your premiums.  The questions above are posed by the insurance underwriter in order to determine the risk of insuring your business. How those questions are answered will determine how risky it is for the insurance company to insure you.

If your business doesn’t have any cyber insurance yet, 2021 might the year to consider getting it.

With the ransomware attacks on the rise, ransomware and malware has become as easy to use as signing up for the service. In today’s internet connected world, no one can guarantee 100% protection from cyber attacks or data breaches.

Upgrade Your Hardware and Update Your Software

Upgrading your servers, workstations and network equipment can be an expensive undertaking but can also help pay that back in increased efficiency, peace of mind and lower insurance premium costs.

One of the simplest ways to secure your systems is ensuring that you are running the latest patches on all workstations and servers. This is sometimes missed by the employees, however this is one of the first things that everyone should to ensure all vulnerabilities are patched as they become discovered.

The problem arises when these updates aren’t performed because its very easy to lose track of this sort of thing unless there is active management involved.

For example a server on the network that is not logged into typically on a regular basis could become outdated and become susceptible to multiple vulnerabilities simply because no one checks this machine on the regular.

To prevent this from happening its important to either assign an employee in the office that is tech savvy to go around and check all the servers. Trusting they do everything proper and install appropriate patches that are known to not cause problems, or hire a 3rd party Managed IT Services (MSP) company that would perform these tasks for you.

The updates are not just Windows updates, its important to patch everything from MS Office to Adobe Acrobat reader since those pieces of software can become just as vulnerable to the attacks. Often times MSP can perform penetration testing that will provide a detailed report of the systems and tests ran that can be submitted to the insurance company in order

Educate Employees on

All employees should be educated about phishing emails and any other form of social engineering attacks, since they are typically the first line of defense when it comes to getting into a network or company servers.

Often times your Managed IT Services Provider (MSP) can provide employee training, which will effective go towards lowering your Cyber Insurance as well. Each employee would receive a certificate of completing a cyber security training that can be submitted to the insurance company as proof of ongoing employee education.