The emerging insurance market cannot be treated as a cure-all for cyber risk as businesses also need to focus on education of staff and smart use of technology to ensure they remain protected.
Nick Lennon, country manager at cyber security firm Mimecast, said that while insurance plays an important role in cyber protection, risk managers should be advising their clients to mitigate risks as well as take out a policy.
“Cyber insurance is an evolving area,” Lennon told CRI
“That combination of insurance policy, strong technology and perimeter security, as well as governance and business process are very important. They complement one another and IT and business leaders need to be analysing these aspects to make sure they’ve got control and are able to remediate the situation should it present itself.”
Human error is one of the most common causes of cyber breach and Lennon noted that brokers should advise clients that an on-going schedule of training with employees is key in avoiding a cyber misstep.
Training that has personal benefit, as well as business benefits, can help businesses ensure their staff remain up to date on the latest threats in the cyber landscape. Teaching staff members to think before they click on an email or utilise smarter passwords can help businesses avoid a simple cyber breach.
With mandatory breach notifications recently passing through Parliament, Lennon noted that he expects to see the cyber insurance market continue its growth over the course of 2017 as businesses learn that cyber risk is an issue that reaches far beyond the IT department.
For clients that do increase their education of staff and other mitigation efforts, Lennon said that insurers will be “far more accommodating” in future as the cyber insurance market becomes fully understood.
“The value of cyber insurance is something that is being understood at this point in time,” Lennon continued.
“In the more connected world that we operate in, these insurance policies will provide increasing value.”
Business interruption needs to evolve to match client need
Deloitte expects 10 million cyber attacks a year
Cyber insurance is one part of a three-pronged approach needed to help clients dealing with ever-changing cyber threats, an expert has said.