Cyber Liability Insurance and Protecting SMEs
DESCRIPTION
Insurance broker Duncan Sutcliffe looks at the growing market of cyber liability insurance and how SMEs can protect their business by implementing security measures to include IASME standards.
TRANSCRIPT
Duncan Sutcliffe
Cyber Insurance And Protecting SMEs
Protecting Your Business
• Commercial Combined / Package Policy
• Is this sufficient?
• It’s insured
• It’s backed up
• No worries…
• Lost control of system
• Unable to trade
• Data disrupted
• Everyone contaminated
• Data Protection Act
• IP & confidential data
• Ransom
• Litigation – ICO, regulator, customers, staff
• Reputation
• Clueless & Hopeless
No worries!
• Insurance Claim >
  – New Laptop
• Backup >
• Traditional Insurance
  – Things
• Cyber Liability Insurance
  – Your data
  – Third party data
  – Your reputation
• Accidental or malicious causes
• Internal or external causes
Cyber Liability Insurance
• Loss, damage or disruption of own data
• Loss, damage or disruption of other people’s data
• Forensic investigation costs
• Legal defence costs
• Fines & penalties
• PR & reputation management
• Extortion
• Network interruption costs
• Notification costs & credit monitoring
Who needs Cyber Insurance?
• Obvious
  – Administrative & Online
• Neglected
  – Control Systems
The Supply Chain
• Suppliers, service providers & contractors
• SME easy pickings & ‘back door’ route
• Insurance & Assurance
IASME
A new information standard for SMEs
ISO27001
• International standard
• Comprehensive
• Difficult & costly for SMEs to implement
• Difficult & costly for SMEs to maintain
IASME
• ISO27001 and TSB heritage
• Simple & inexpensive
• Self assessed or externally audited options
• Gold / Silver / Bronze
• IASME = evidence of cyber security
• Gold IASME = Baseline ISO27001
Process & Costs
• Self Assessment - £250
• Audited Assessment
  – Risk Assessment
  – Gap Analysis
  – Improvement Plan
    • Security Policy
    • Business Continuity Plan
  – Formal Audit
Estimated costs
Company Size - number of employees | Basic Consultancy & Assessment | Annual Accreditation Renewal
Up to 10 employees | £2,500 - £4,500 | £1,000 - £2,000
10 - 25 employees | £3,500 - £6,000 | £1,000 - £2,000
25 - 100 employees | £5,000 - £9,000 | £1,700 - £3,000
100 - 250 employees | £6,500 - £12,000 | £2,200 - £4,000
Conclusion
• Review your business
• Review the vulnerabilities
• Improve security procedures
• Business continuity plans
• Assurance & Insurance
Any Questions?