You can buy cyber risk insurance directly from an insurer or from a broker/agent.
Policies are generally available for Small Businesses with cover limits between$100k and $5 million, although significantly higher amounts of cover are available for firms facing more complex cyber risks.
Managing cyber risks
As well as putting adequate insurance in place, it is important for you to manage your own cyber risks as a business. This includes:
- Evaluating first and third party risks associated with the IT systems and networks in your business
- Assessing the potential events that could cause first or third party risks to materialize
- Analyzing the controls that are currently in place and whether they need further improvement
In 2014 the Government launched Cyber Essentials – a basic cyber security hygiene standard to help organisations protect themselves against common cyber-attacks. Considering Cyber Essentials accreditation is a good first step in becoming cyber resilient.
If you suffer a cyber breach, having cyber insurance can make the recovery process as straightforward and rapid as possible (however it is still likely to take a number of days or weeks depending on the severity of the incident). Many insurers include technical assistance with managing a breach as part of the insurance policy – if so, get in touch with them as soon as possible after the breach is discovered.