Cyber Liability Insurance And Protecting SMEs
description
Transcript of Cyber Liability Insurance And Protecting SMEs
Duncan SutcliffeCyber Insurance And Protecting SMEs
Protecting Your Business
• Commercial Combined / Package Policy• Is this sufficient?
•It’s insured•It’s backed up•No worries…
• Lost control of system• Unable to trade• Data disrupted• Everyone contaminated• Data protection act• IP & confidential data• Ransom• Litigation – ICO, regulator, customers, staff• Reputation• Clueless & Hopeless
No worries!
•Insurance Claim >–New Laptop
•Backup >
• Traditional Insurance – Things
• Cyber Liability insurance– Your data– Third party data– Your reputation
• Accidental or malicious causes• Internal or external causes
Cyber Liability Insurance
• Loss, damage or disruption of own data• Loss, damage or disruption of other people’s data• Forensic investigation costs• Legal defence costs• Fines & penalties• PR & reputation management• Extortion• Network interruption costs• Notification costs & credit monitoring
Who needs Cyber Insurance?
• Obvious– Administrative & Online
• Neglected– Control Systems
The Supply Chain
• Suppliers, service providers & contractors
• SME easy pickings & ‘back door’ route• Insurance & Assurance
IASME
A new information standard for SMEs
ISO27001
• International standard• Comprehensive• Difficult & costly for SMEs to implement• Difficult & costly for SMEs to maintain
IASME
• ISO27001 and TSB heritage • Simple & inexpensive• Self assessed or externally audited options• Gold / Silver / Bronze• IASME = evidence of cyber security• Gold IASME = Baseline ISO27001
Process & Costs
• Self Assessment - £250• Audited Assessment
– Risk Assessment– Gap Analysis– Improvement Plan
• Security Policy• Business Continuity Plan
– Formal Audit
Estimated costs
Company Size - number of employees
Basic Consultancy & Assessment
Annual Accreditation Renewal
Up to 10 employees
£2,500 - £4,500 £1,000 - £2,000
10 - 25 employees £3,500 - £6,000 £1,000 - £2,00025 - 100 employees £5,000 - £9,000 £1,700 - £3,000100 - 250 employees
£6,500 - £12,000 £2,200 - £4,000
Conclusion
•Review your business•Review the vulnerabilities•Improve security procedures•Business continuity plans•Assurance & Insurance
Any Questions?