Asking the Right Questions About Cyber Insurance

One of the ways business stakeholders attempt to reduce risk (or, at least, offset the potential impact of consequences), is by buying cybersecurity breach insurance. Most of our clients have it—some because they want it, others because they’re required to carry it by regulation.

In this post, I’ll look at what your expectations and outcomes should be for cyber insurance, and how we should view it in the context of other cybersecurity solutions, like managed detection and response. I also talk pitfalls of thrown-together cost/benefit analyses, and the impacts on your business (and state of mind) if you treat this as a replacement for security. If you have purchased or are considering purchasing cyber insurance, I urge you to follow the path to the Nth degree and assess whether having an insurance policy that pays out will actually benefit your business.

Spoiler alert – getting to the right questions require you to specify (and, possibly reset) your expectations about how cyber insurance should help.

*** This is a Security Bloggers Network syndicated blog from IntelliGO MDR Blog authored by Effi Lipsman. Read the original post at: