Security

4 Tips for Securing and Keeping Cyber Insurance Coverage

Obtaining and retaining cyber insurance coverage requires proactive preparation.

Tanya Candia is an international management expert, specializing in information security strategy and communication for public and private sector organizations for more than 25 years.

Cyberthreats continue to be an issue for universities, putting them at risk for compromising massive amounts of sensitive data or experiencing service interruptions. Cybersecurity insurance has proved its value, but coverage is becoming more difficult to obtain.

Universities face increased scrutiny of their security measures, user training, and where and how data is stored and used. Here are four tips for increasing the probability of qualifying for and retaining cyber insurance.

1. Conduct a Security Risk Assessment

Policies are more likely to be approved with lower premiums when strong security is demonstrated. A security risk assessment will involve IT and network security, finance (to identify the level of risk transfer — premiums, limits, deductibles, etc.) and legal departments for privacy policies, breach response planning and contractual protection with vendors.

This assessment can identify vulnerabilities and allow you to make relevant improvements while providing transparency into your cybersecurity controls.

Click the banner below to explore services that can help you manage your IT environment.

2. Build a Comprehensive Incident Response Plan

Policies, procedures and technology should all support an incident response plan. Underwriters want to see a level of planning that corresponds to the risk, specifically tailored to anticipated threats and sometimes following a framework such as those from the National Institute of Standards and Technology or ISO.

Include in the plan any partners you rely on, such as law firms, forensic IT specialists or notification firms, and make sure they are on a list of vendors approved by the insurance company.

3. Select and Train an Incident Response Team

Technology that monitors systems will produce alarms and alerts. Make sure you have an incident response team in place to assess those alerts, determine the potential impact and carry out any needed remediation.

The team needs clear procedures and should do frequent tabletop exercises to ensure effectiveness in the event of a crisis. Zero-day vulnerabilities, in particular, must be remediated as soon as they are discovered — hopefully before a hacker exploits them.

4. Once You Get Insurance, Keep It

Cyber insurance vendors are seeing steep increases in the cost of insurance, partly due to the increasing prevalence of ransomware attacks. Expect vulnerability scans, as required by policies, and increased premiums and/or reduced coverage. Universities should perform their own continuous assessment and monitoring to obtain renewal coverage, based on controls such as multifactor authentication, endpoint detection and response, privileged access management, and other methods that can quantify their exposure to cyber risks.

Gary Waters/Ikon Images