Why Obtaining Cyber Insurance is Becoming Difficult

As a business owner, you know the importance of insuring your business from things like theft and fire.  With more and more businesses online, cyber insurance is also becoming a must to protect yourself from cyber attacks.  So, what are the challenges of obtaining cyber insurance for your business?

For one, the cost of cyber insurance is increasing.  A recent article in Canadian Underwriter predicts the price company’s pay for cyber insurance to double over the next year.  Nick Kidd, director of business insurance at Mitchell & Whale, told Canadian Underwriter: “I think the price has to reflect the reality of the risk, and right now the reality of that risk seems to be getting worse by the day.”  According to Checkpoint, ransomware has increased 41% since the beginning of 2021, and increased 93% year over year. 

For SMBs, a rise in the cost of cyber insurance is problematic, as they may not be able to afford the investment.  The other issue for businesses large and small is that more cyber insurance companies are doing their due diligence when it comes to approving who can get cyber coverage. 

Brent Arnold, a partner at law firm Gowlings WLG in Toronto, told CTV News that a U.S. study found that 73 per cent of insurance brokers and agents are declining more applications. “They’re not just taking the applicants’ word for it anymore. They’re basically having professional firms audit them to make sure that they’re as good as they say they are in the when they apply,” said Arnold.  If your business is not following industry best practices when it comes to cyber security, you could find yourself having to pay a higher rate, or worse, declined for coverage. 

CTV News also interviewed Katharine Hall, a cyber insurance expert at Aon Canada, who confirmed that cyber insurance rates will be going up, but how much the rate increases will depend on how much of a cyber risk insurance companies think your business will be.  Hall said, companies that are doing all the things they are supposed to do in terms of cyber protection, “are looking at a 25 to 35 per cent increase in terms of rate.” For customers who are seen to be more of a cyber risk, they can expect an increase of 50%-60%, according to Hall.

If your business is looking to get cyber insurance coverage, here are some things you need to consider doing before calling your local insurance broker:

  • Quantify all the data and assets on your network. You need a solid estimate on how much personally identifiable information you have, including employee data. You need to quantify exactly everything that you need top protect.
  • Conduct a risk assessment of your company. Identifying security weaknesses and addressing them ahead of time will give you more options when applying for insurance. The more secure you can make your organization, the better for obtaining cyber insurance. 
  • Understand what your company’s cyber security posture is. For instance, do your employees regularly undergo cyber awareness training? Are you using multifactor authentication?  Do you back up all important data and do you know how to restore from those backups should the need occur?  Have you validated that your cloud environment has been configured for security?

Cyber insurance like any other type of insurance, is a necessity in today’s business world.  While it can be difficult, and in some cases costly, to get, it is not impossible.  To learn more about cyber insurance and cyber security best practices, contact Uzado