What is Cyber Insurance

Cybersecurity News

Auxiom’s CEO Matt Loria was a guest on WJR News Talk 760 with kevin dietz on monday, august 9, 2021, to talk about cyber insurance. 

With such a drastic uptick in cyberattacks on businesses and more companies working remotely, cyber insurance is a topic that has probably come up in your business recently. Matt Loria talks with Kevin Dietz of WJR 760 about some trends we are seeing in the Cyber Insurance industry and some action organizations can take to possibly lower their cyber liability costs, including making sure you have robust and proactive cyber security measures in place.

(or read the entire transcript below)

You can listen to Matt’s Cyber Insurance interview with WJR NewsTalk 760 here:

Matt Loria on WJR NewsTalk 760 August 9, 2021 by Auxiom
  • Matt Loria on WJR NewsTalk 760 August 9, 2021

Read the transcript of Matt Loria’s interview with Kevin Dietz regarding Cyber Insurance now:

Kevin Dietz @ WJR NewsTalk 760
What is cyber insurance?

Cyber insurance is quickly becoming a necessity in the era of remote work to protect your company’s online assets. In our tech savvy world, data breaches, viruses and cyber crimes can cripple a business while proper cybersecurity software is a crucial first line of defense that most of us use. 

Even the best programs don’t guarantee protection from complex attacks. Think ransomware. For extra protection, you may consider taking out a cyber insurance policy for business. But what is it? Joining us now is Matt Loria, CEO of Auxiom. Welcome, Matt. How are you?

Matt Loria @ Auxiom
Morning, Kevin doing great this morning. How are you?

Kevin Dietz @ WJR NewsTalk 760
Good. It seems like we need insurance for just about everything. But if you follow the news at all, it sounds like cyber insurance is probably something people need, probably something a lot of people don’t have. Or if they do have it, it may not cover all of the things they thought they might need it to.

Matt Loria @ Auxiom
Yep, yep, it’s definitely a requirement. In this day and age, I mean, all you have to do is open up the front page of Google and find the most recent attack and see how close to home it is. And it could be you next.

Kevin Dietz @ WJR NewsTalk 760
Yeah, and it’s a couple of different things. It’s our personal information, that’s a business’s customers information. But there’s also these ransomware situations where they just take over, where hackers will take over an entire I don’t know, business computer system and basically hold it hostage until the money’s paid.

Matt Loria @ Auxiom
Yeah, they basically, you know, they basically lock it down, they encrypt the data so that you can’t access it. And and therefore you can’t serve your clients typically is the biggest thing. So you’re risking the downtime for your company, you’re risking the downtime for your clients, and then the reputational risk that’s associated with that if, if you’re out of pocket and unable to work for a while.

Kevin Dietz @ WJR NewsTalk 760
So let’s look at this from the two sides from the insurance company side, and then say the business’s side, what are insurance companies doing? Or what do they need to be doing to handle these new changes in cybersecurity?

Matt Loria @ Auxiom
Yeah, great question. So you know, we get affected, we’re on the business side, right, we serve, we provide IT services to businesses and usually what that means is that a business, typically every year will come to us with their cyber liability policy. And they’ll say, hey, my insurance company has asked us to fill out this this questionnaire.

Last year, that was maybe a page of information that they were looking for, and now the insurance companies are looking for a six-page return of information and all sorts of security features to, to have in place.

So, what we did was we reached out to our agent, we work with Brian Pilarski, over Brown and Brown Insurance, who is a Cyber Liability provider. And, and we said, hey, what the heck these the questionnaires are becoming so long, and they said, you know, the business has changed, the underwriting has changed dramatically because there’s been so much loss for the insurance carriers on their side of the business.

Kevin Dietz @ WJR NewsTalk 760
So basically, when something would happen, and they would go and look at what’s in writing, they may not have had everything covered that they needed. And there’s probably debate over, you know, what would be paid out or what things would be paid out for and what things they wouldn’t be if it’s not all spelled out. You don’t really know.

Matt Loria @ Auxiom
Exactly you know, the attitude in the past, by a lot of business owners, unfortunately, was, you know, I’ve got insurance for that. So they weren’t paying very much attention to the investments that were necessary to keep up with their cyber protection.

And it’s kind of like, like health insurance or life insurance, I should say, you know, the healthier you are the better rate that you get on your life insurance. And so now that’s the approach that the insurance companies are taking as it relates to the cyber policies, and they’re saying, Hey, you know, what, we would really like to work with the healthy companies, the ones that have already invested in some really good backup, really good firewall type of stuff, and, and even like endpoint discovery and response type of systems.

Which basically says, Hey if something happens, you know, what are the systems that are there to squash this stuff, so it doesn’t didn’t go too rampant through the business. And that’s where they want to, that’s where they’re actually rewarding, if you will, with with with better rates at this point in time.

Kevin Dietz @ WJR NewsTalk 760
So when businesses are getting together with their decision-makers, and internally, what kinds of things are they talking about when they’re making decisions on cybersecurity?

Matt Loria @ Auxiom
Well, so that’s the type of people that we sit down with, right? And we have to say, okay, so we all know that security will in some ways always impede productivity, right? And security always costs money. And so the decision-makers always have to kind of do the risk-reward offset to say, okay, if we put these security measures in place, we may have to click a couple more buttons before we can get to an application. Or it might make our website just a little bit slower. But is that worth the investment for, for the protection that it gives us? And so those are some of the decisions that they have to make.

Kevin Dietz @ WJR NewsTalk 760
And, you know, you think about security, you could have Fort Knox security, or you could have a ring doorbell security. You know, security’s a pretty broad description, and then insurance, you have to decide how much money do you really need a business idea how much money they might need it from an insurance side with the, with all the new things that are going on, especially with like, ransomware, and things like that, that people weren’t even considering a year ago or five years ago?

Matt Loria @ Auxiom
Yeah, yeah, they, you know, the biggest thing is that the business owner has to consider is, as I say, there are only two words in it, that the business owner needs to understand. And it’s business continuity. And that means how much downtime can I afford? In terms of how many days could I be possibly out of production? And withstand that risk, along with any reputational risk or other, you know, superfluous things around? You know, how much can you really afford? And those are some of those numbers that you want to be discussing with your insurance agent to make sure that you have, you know, have that proper coverage.

Kevin Dietz @ WJR NewsTalk 760
And yeah, we didn’t even talk about the reputation. But if your company allows for their client’s information or the public’s information that works with them to get out, that can be extremely damaging, it’s hard to put even a number on that value.

Matt Loria @ Auxiom
It sure is, I mean, and look, I guess the good thing is, that you know, misery loves company, right is that as we’re all now accepting that any company in the world can get hit with ransomware or any sort of nefarious cyber attack. And so I don’t think that most people blame the company itself.

However, you know, every company has to make sure that they have kind of a minimum moniker of cybersecurity in place that says, hey, I did my best, I did a good job of trying to protect your data and trying to protect my data. You know, without maybe totally over investing, but you certainly can’t get away with you know, that we did nothing. And we were just relying upon our insurance. That’s, that’s definitely the case.

Kevin Dietz @ WJR NewsTalk 760
I imagine people who thought self-insurance was the way to go with cybersecurity are probably finding out that it can be a lot more expensive than you think with the breaches that exist today.

Matt Loria @ Auxiom
Oh, I’m sure I mean, those numbers can just go sky high. I mean, if you think about this, we might be even forced into some levels of self-insurance. I was talking to Brian the other day, and he said that some of the companies are actually requiring a co-payment on ransomware. 

So basically, the insurance company is saying, hey, we’ll write along with you. And we’ll pay half of the ransom if you’ll pay the other half. And, and so even though it’s almost like you’re in coinsurance or self-insured sort of scenario on some of these cases, so it’s really important to be working with the right agents who really understand those these products and what the gotchas are with the programs from the different insurance companies.

Kevin Dietz @ WJR NewsTalk 760
Well, that right there tells you how prevalent the problem is. Matt Loria, we appreciate you as always coming on and talking with us about this. Thanks so much.

If you are a business owner or manager and would like to learn more about steps you can take to keep your business systems and data safe, check out Auxiom’s Cybersecurity Solutions now.

Auxiom is The Gold Standard in Business IT. Led by IT industry veterans with a passion for providing people-focused IT Solutions. Auxiom is a world-class provider of Managed IT Services, IT outsourcing, IT consulting, cloud computing, hosted applications, and other advanced business technology solutions. We help clients remove IT issues and security concerns with solutions, services, proactive planning, and budgeting.

Author

Related Posts

Forescout’s 2024 Threat Review

https://youtu.be/TKNd-Ac9YIc?si=Dr9ElyLC5US_6ggO In this episode of Big Reports in Five Minutes, Earl Duby shares Forescout’s 2024 Threat Review. You’ll want to learn about the alarming increase

Read More »