Tip 1. If you don't know whether you have cyber insurance, you probably don't have it.
Why cyber security?? Cyber events are a common exclusion across general liability policies and require their own standalone policy. . So, while your directors and officers policy (D&O) may look basically the same as the insurance company’s down the street, that is likely not the same for cyber coverage. Therefore, it is important to carefully review your cyber insurance options and not just lock in whatever an insurance broker is selling as premium coverage.
Tip 2. Read the policy wording and understand it.
Cyber insurance cover can diverge drastically from insurance provider to insurance provider, so it is incredibly important to review the actual insurance policy. Why does this matter? Because inevitably there will be terms that govern the policy that are legally defined terms in the policy itself. So, if a dispute arises as to whether an event is covered in an insurance policy, a court is going to look at the actual policy wording. An insurance policy is a contract between you and the insurance company. And, just like a breach of contract action, if there is a dispute later, a court will look to the written agreement between the parties. Therefore, the time to read the policy is now — not during an event.
Tip 3. Exclusions are a pain!
Cyber-risk translates into large financial risk and insurance companies understand this. Phishing and ransomware can both be common exclusions along with business email compromise events. Wire transfer fraud is often not covered. Because of this, it is important to look at your policy to determine what it really and actually covers. I
Knowing that exclusions exist as a common part of cyber insurance, it is important to ask your broker for several cyber insurance policies to compare at the time of binding coverage. Look at your business operations and determine what coverage you need. Is your organisation a software company? Managed service provider? Brick and mortar with a lot of employees? A public office or a financial institution? Hospital? Tailor your cyber insurance to your business.