Okay, So now we're getting ready to wrap up this session. Our last topic will be focusing on cyber security insurance underwriting. So how exactly does an insurance underwriter assess your risk in a sign of premium?
first, they need to determine that hazard grade. An example of this might be what type of information are you processing?
in a business vertical that historically
has higher averages of a breach such as recently with health care or baking your finance review The controls that are in place.
Do you have a firewall? You have I D. S. Do you have policies and procedures? Things like that consider discretionary factors. An example of this would be, let's say, compensating controls evaluate the company's individual risk exposure
and then a sign of dollar value
that allows them to understand what the limits are needed to address those very same
Remember service Lights ago,
we were exploring a cost benefit analysis for potentially outsourcing a variety of internal job requirements to a mansion security service provider and one of things that we were looking at our other factors to consider such a CZ. The costs of instant response
legal defense breach notification and credit monitoring.
And I had asked the question
And do you have cyber insurance? And if you don't, how do you plan paying for that? It's important for you to understand
the largest percentage of your policy
is utilized for incident response and disaster recovery to the tune of over 80%. So if you have a $1,000,000 policy
and you think that you're covered, taking a consideration that about $800,000
for the cost of instant response and disaster recovery,
which is great because that's money out of the insurance company's pocket and not yours. So that is a definite plus.
However, that only leaves you about $200,000 left to deal with breach notifications or potentially credit monitoring,
and doesn't even begin to scratch the surface on what your potential costs for legal defense might be.
Through the course of this session, we have covered a lot of ground.
My sincerest hope is that our time together has exposed you to some new concepts that will help you with your professional growth and development. As a separate professional