Cyber Liability Insurance And Protecting SMEs

Post on 21-Jun-2015

137 views 0 download

description

Insurance broker Duncan Sutcliffe looks at the growing market of cyber liability insurance and how SMEs can protect their business by implementing security measures to include IASME standards.

Transcript of Cyber Liability Insurance And Protecting SMEs

Duncan SutcliffeCyber Insurance And Protecting SMEs

Protecting Your Business

• Commercial Combined / Package Policy• Is this sufficient?

•It’s insured•It’s backed up•No worries…

• Lost control of system• Unable to trade• Data disrupted• Everyone contaminated• Data protection act• IP & confidential data• Ransom• Litigation – ICO, regulator, customers, staff• Reputation• Clueless & Hopeless

No worries!

•Insurance Claim >–New Laptop

•Backup >

• Traditional Insurance – Things

• Cyber Liability insurance– Your data– Third party data– Your reputation

• Accidental or malicious causes• Internal or external causes

Cyber Liability Insurance

• Loss, damage or disruption of own data• Loss, damage or disruption of other people’s data• Forensic investigation costs• Legal defence costs• Fines & penalties• PR & reputation management• Extortion• Network interruption costs• Notification costs & credit monitoring

Who needs Cyber Insurance?

• Obvious– Administrative & Online

• Neglected– Control Systems

The Supply Chain

• Suppliers, service providers & contractors

• SME easy pickings & ‘back door’ route• Insurance & Assurance

IASME

A new information standard for SMEs

ISO27001

• International standard• Comprehensive• Difficult & costly for SMEs to implement• Difficult & costly for SMEs to maintain

IASME

• ISO27001 and TSB heritage • Simple & inexpensive• Self assessed or externally audited options• Gold / Silver / Bronze• IASME = evidence of cyber security• Gold IASME = Baseline ISO27001

Process & Costs

• Self Assessment - £250• Audited Assessment

– Risk Assessment– Gap Analysis– Improvement Plan

• Security Policy• Business Continuity Plan

– Formal Audit

Estimated costs

Company Size - number of employees

Basic Consultancy & Assessment

Annual Accreditation Renewal

Up to 10 employees

£2,500 - £4,500 £1,000 - £2,000

10 - 25 employees £3,500 - £6,000 £1,000 - £2,00025 - 100 employees £5,000 - £9,000 £1,700 - £3,000100 - 250 employees

£6,500 - £12,000 £2,200 - £4,000

Conclusion

•Review your business•Review the vulnerabilities•Improve security procedures•Business continuity plans•Assurance & Insurance

Any Questions?