How “You + Us = All Good” is Always Valid & True
Total Secure Technology can help make cyber insurance #allgood
You know you need cyber insurance for your company and that you need to be compliant with the insurance policy. You’re combing through site after site, webpage after webpage, looking for something that makes sense, but all the technical jargon is hard to understand:
- What exactly is cyber insurance and who needs it?
- What does cyber insurance cover?
- What do terms like “data breach,” “extortion,” “PCI DSS Compliance,” “PII,” and “phishing” all mean?
- How does an MSP fit in with cyber insurance?
Let’s take a look!
What it is and who needs it!
As the world becomes increasingly digitized and cloud-based, cyber insurance is a must-have for any business of any size, not just corporations, but even small to medium-sized businesses and companies. Where general liability insurance covers claims of bodily injury or property damage, cyber insurance covers cyber incidents, such as data breaches or cyberattacks like phishing or malware attacks. In a word, cyber insurance is defense; it is reactive, dealing with the aftermath and fallout of a cyber incident, providing coverage after the fact.
What it covers…
Cyber insurance policies differ in what they cover, so you will need to select the policy that best meets your business’s needs. A good cyber insurance policy will cover some basic needs, such as financial support and payout in the event of a network security failure or a cyber incident, such as a cyberattack. You will need to assess your company’s cybersecurity needs (or have them assessed by us) in order to decide which cyber insurance policy is best for you and your company.
Terms and definitions:
The language used in a cyber insurance policy can seem like daunting jargon that doesn’t make any sense, except to professionals who work in the industry. Here are some important terms and their definitions to help you as you navigate cyber insurance policies and experts.
- Data Breach: When someone accesses private PII on a business and its clients without authorization.
- Extortion: When someone holds a company’s digital system hostage and won’t release it until a ransom is paid. This can be done through ransomware attacks; however, with extortion, the extortionist ups the ante by demanding a ransom or else they will publicize the data.
- Liability for First Parties: First-party liability is for your own business; usually, policies will cover both first- and third-party liabilities, but you will want to check to make sure.
- Liability for Third Parties: Third-party liability is for another business for which your company has responsibility; usually, policies will cover both first- and third-party liabilities, but you will want to check to make sure.
- PCI Compliance: PCI DSS stands for “Payment Card Industry Data Security Standard,” and is the standard for companies that handle major credit cards. Any payments made by credit card through a company’s own system require that the company follow a set of legal standards set by the PCI DSS. To be PCI Compliant, a company or business must abide by these standards; if a company’s system becomes compromised, there are fines and penalties that might need to be assumed.
- PII: PII is an acronym standing for “Personally Identifiable Information” and is the private information a business is entrusted with by employees and clients, and according to NIST includes items such as names, addresses, Social Security numbers, driver’s license numbers, medical records, email addresses, phone numbers, orders and order history, and the like: it is the information that altogether comprises the personal identity of an individual.
- Phishing: Phishing is the fraudulent use of websites, text messages, or emails that are sent out with the pretense of being from someone reputable other than the phisher, usually a boss or colleague, with the aim or intent of “phishing” out sensitive information, such as bank account numbers or any PII.
Why you still need an MSP.
So, why do you need a Managed Service Provider (MSP), like us? The quick and short of it is that in order to be compliant with your cyber insurance policy, you will need us to help keep you compliant, as many cyber insurance policies are now beginning to require that you have an MSP servicing your IT needs. Additionally, as mentioned above, cyber insurance is a kind of defense, a reactive way to deal with cyber incidents after they happen; an MSP, however, is a kind of offense, a proactive way to deal with cyber incidents before they happen. Also, many cyber insurance policies will not pay out without a business having an MSP in place beforehand.
If you’re hoping to qualify for a cyber insurance policy, we can help! We will utilize our expertise and experience to help you choose the right policy for your business and meet your policy’s requirements. Feel free to reach out for a no-obligation consultation where you can decide if we’re the right partner for you.