Cyber Liability Insurance And Protecting SMEs
Embed Size (px)
Transcript of Cyber Liability Insurance And Protecting SMEs
- 1. Duncan Sutcliffe Cyber Insurance And Protecting SMEs
2. Protecting Your Business Commercial Combined / Package Policy Is this sufficient? 3. Its insured Its backed up No worries 4. Lost control of system Unable to trade Data disrupted Everyone contaminated Data protection act IP & confidential data Ransom Litigation ICO, regulator, customers, staff Reputation Clueless & Hopeless 5. No worries!Insurance Claim > New LaptopBackup > 6. Traditional Insurance Things Cyber Liability insurance Your data Third party data Your reputation Accidental or malicious causes Internal or external causes 7. Cyber Liability Insurance Loss, damage or disruption of own data Loss, damage or disruption of other peoples data Forensic investigation costs Legal defence costs Fines & penalties PR & reputation management Extortion Network interruption costs Notification costs & credit monitoring 8. Who needs Cyber Insurance? Obvious Administrative & Online Neglected Control Systems 9. The Supply Chain Suppliers, service providers & contractors SME easy pickings & back door route Insurance & Assurance 10. IASME A new information standard for SMEs 11. ISO27001 International standard Comprehensive Difficult & costly for SMEs to implement Difficult & costly for SMEs to maintain 12. IASME ISO27001 and TSB heritage Simple & inexpensive Self assessed or externally audited options Gold / Silver / Bronze IASME = evidence of cyber security Gold IASME = Baseline ISO27001 13. Process & Costs Self Assessment - 250 Audited Assessment Risk Assessment Gap Analysis Improvement Plan Security Policy Business Continuity Plan Formal Audit 14. Estimated costs Company Size number of employeesBasic Consultancy & AssessmentAnnual Accreditation RenewalUp to 10 employees2,500 - 4,5001,000 - 2,00010 - 25 employees3,500 - 6,0001,000 - 2,00025 - 100 employees 5,000 - 9,0001,700 - 3,000100 - 250 employees2,200 - 4,0006,500 - 12,000 15. Conclusion Review your business Review the vulnerabilities Improve security procedures Business continuity plans Assurance & Insurance 16. Any Questions?