Protecting Your Business from Cyber Crime

A cyber liability policy can provide a much-needed tactical and financial support defense for companies confronted with a cyber incident. But in order to even begin the process of exploring your insurance options you will need to have a fairly robust cybersecurity program in place. 

Most carriers will ask you the following questions about your program. We recommend using this as a guide to create a new – or optimize an existing – cybersecurity program:

  • A written, attorney-approved and updated policies and procedures document about the handling of information within your company

  • A general description and hierarchy of the volume and types of data (i.e., credit card data, banking records, protected health information) handled or maintained by your company

  • If you are compliant with security standards and regulations, you should be able to address how often the frequency of assessments are performed and what the past results have been

  • The existing network security programs, including the use of firewalls, antivirus software, and network intrusion testing

  • Professional background and qualifications of your chief information officer or chief technology officer

  • History of security incidents and breaches, including how long it took to detect any prior breach

  • Prior threats to disable the company’s network or website, and how they were handled

  • Awareness of facts or circumstances that reasonably could give rise to a claim under a prospective cyber policy

  • The company’s security budget (is it part of the IT budget and, if so, what percentage?)

  • Practices concerning data encryption, passwords, patching and system access control

  • Employee hiring and training practices, and procedures around termination

  • Information regarding physical security controls (e.g., access cards) that are in place

  • Audits of third-party service providers

  • Info regarding your vendor management program

  • Policies governing mobile devices and social media

  • Data backup procedures and frequency of how often they are performed

While there is not fool proof method to be 100% safeguarded from a network breach, taking steps to set-up the items above, and ultimately be able to answer the questions, will go a long way in protecting your company’s exposure in the event of a cybersecurity-related event.

Adrian S. Darmawan
About the Author
Adrian S. Darmawan , Executive Vice President, Chief Technology Officer

Find your Banker.

View all bankers and advisors

Let's talk... Please enter a Specialty and Location to view a banker/advisor near you.