If you’ve spoken to your Insurance Broker recently you probably already have cyber insurance, or they have at least spoken to you about getting it. This is a good thing as it could cover you for the costs to remediate a cyber attack when your professional services firm falls victim to one.

So what sorts of things might a cyber insurance policy cover you for?

  • Compensation claims
  • Cyber Forensics
  • Fines and/or Penalties associated with the Privacy Act
  • Reputation Damage/Public Relations
  • Business Interruption
  • Remediation of the Problem

Even if your already covered by cyber insurance that doesn’t mean your job is done and that you are covered no matter what.

Think of it like this, when you buy a car you get a warranty however if you don’t keep up the servicing of that car at regular intervals or you install a modification to the car it can void the warranty and the car manufacturer can refuse your claim.

Cyber insurance also works in a similar fashion. If you buy a computer but don’t do any maintenance to that item e.g. don’t install software updates or let the computer be old enough to not be able to obtain software updates, then you’re leaving yourself open to being refused a claim by your insurance provider.

Other things that may lead to your claim being refused include:

  • Failure to ensure employees and contractors are aware of security issues and how their behaviour can affect company and customer data.
  • Failure to maintain a security regime and ensure security controls are current and consistent with best practice.
  • Failure to disclose pre-existing risks that may have been discovered in penetration tests or vulnerability assessments that have not been rectified.