3 Things Small Firms Should Do Before Shopping for Cyber Insurance

Posted by The ALS Group on Mar 7, 2017 9:47:44 AM

small business insurance checklist.jpg

Cyber risk continues to evolve at a breakneck pace.

Insurers are working to keep up by customizing policies and endorsements based on the size and business model of the insured. At last week’s third annual International Cyber Risk Management Conference, Matthew Davies, Assistant Vice President of Chubb Insurance Company of Canada, outlined a few key points on what cyber security practices a small organization to already have in place when looking to procure cyber insurance.

Davies's insight allows us to learn more about what insurers are particularly keyed in on.

1. Implement an Employee Education Program

Small companies should have an employee awareness training plan that teaches employees to identify and avoid cyber threats such as phishing scams, infected emails, and sharing password/login credentials.

2. Inventory Personally Identifiable Information

Companies should know what PII data they are collecting, where it is stored, who has access to it and what happens to it when they are done with it.

3. Develop and Test Business Continuity and Incident Response Plans

The expectation of small firms having and testing these plans may be unrealistic, but that shouldn’t deter smaller firms from working toward developing them. Business Continuity and Incident Response Plans are critical elements when remediating and recovering from a cyber incident. They will provide guidance on who handles what and the sequence of events that should occur during a hectic situation.

Additional resources:

You might also appreciate some of our other cyber risk articles:

New Call-to-action

Topics: Cyber Insurance, Cyber Liability, Cyber Risk, Cyber Risk Mitigation, Cyber Security

The ALS Group

Risk Management Blog

We manage more than a quarter billion dollars of premiums for a diverse range of clients around the globe. 

Our areas of expertise include:

  • Enterprise Risk Management (ERM)
  • Cyber Security & Cyber Liability Insurance
  • Construction Management
  • Customized Risk Management Assessments (RMAs)

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all