Podcast: The Fundamentals of Cyber Insurance

The Business of Government

Many government agencies are turning to cybersecurity liability insurance to help mitigate their IT security risks. As you prepare your insurance representations, it’s key to remember that your answers impact the level of coverage and available policy features offered.

Key Points:

• Cyber risks are more prevalent than ever before for governments and an ever-evolving threat.
• Government agencies purchase cybersecurity insurance as one avenue to help to mitigate their IT security risks.
• Organizations need to consider all facets of their cybersecurity footprint when completing their cybersecurity insurance representations.

Malicious cybercriminals see government entities as prime targets and many leaders are investing in the best protection against loss and interruption. In this edition of The Business of Government, our host, Adam Jones, is joined by Trip Hillman, Weaver’s Partner of IT Advisory Services, to discuss the ever-changing cybersecurity landscape and the growing need for cyber insurance.

Hillman says the expanding role that cybersecurity plays in all areas of business and government requires the use of specialists to ensure networks are safe. “There are many standards, requirements, and frameworks that organizations, including governments, are subjected to, and each day presents a new best practice, a new book, or a new set of compliance standards that should be followed.” On top of all these standards are frameworks that IT specialists can help to utilize.

Part of the evolving cybersecurity landscape is a market for cybersecurity insurance. No longer an uncommon practice, Hillman says people recognize cyber insurance as one of the mechanisms for mitigating IT risk. “Many organizations consider it part of a portfolio for how they treat their overall cybersecurity risk posture.”

Like everything else in the IT world, cybersecurity insurance is gaining in complexity. “Cybersecurity questionnaires can easily be eighty plus questions and I’ve seen some run over one hundred questions,” Hillman says. Many metrics go into a cyber insurance quote today as well as the parameters around which types of attacks need coverage.

One trend Hillman is seeing is with organizations that already have cyber insurance. Brokers tend to ask many more questions during renewals to ensure the coverage is sufficient to cover all their needs. It is essential to ensure that your cyber insurance paperwork is detailed and thorough, but also that it is a true representation of your security posture.

Cybercrime will continue to evolve as criminals develop more sophisticated ways to access systems. In turn, cybersecurity insurance will also continue to change. Ensuring the right type of coverage and that the policy will cover costs should you need them is paramount.

Subscribe and listen to future episodes of Weaver: Beyond the Numbers, The Business of Government on Apple Podcasts or Spotify.

© 2022