May 20 2022
Security

How to Lower a Small Business’s Cyber Insurance Premiums

Carriers that write such policies will want to see that you have taken these four steps.
Nick Suda
by

Nick Suda is a security solution specialist for CDW, consulting on the sales, planning and development of security solutions.

Responsible businesses do all they can to protect their data from threat actors, but sometimes hackers can breach even the best defense. When they do, you better believe those businesses are grateful to have cyber insurance.

If you think cyber insurance is unnecessary, you may want to reconsider your position — especially if you run a small business. Hackers generally seek the path of least resistance, so small businesses have a target on their backs because threat actors think they’re easier to infiltrate. And it’s not just the price of fixing the breach, but the disruption of business that you have to worry about as well. I’ve spoken to customers who said they were down for three days, which is enough to drive some people out of business.

A hacker may choose to go after a data server that has all your customers’ information in it, or they may zero in on a C-suite executive at your company. Hackers are also naturally drawn to businesses that are about to go public. If you’re filing for an IPO, they know there will be lots of money around. Venture capital firms are also magnets for hackers who stand to gain inside information on new companies and things hitting the market. At the end of the day, it’s all about monetary gain.

RELATED: Learn more about the protection cyber insurance can offer.

What Is Cyber Insurance, And How Can It Protect You?

Basic cyber insurance covers liability. That means that if something were to happen on your network, insurance would make sure it got cleaned up. But cyber insurance also has a few other uses. Providers may help negotiate and pay a ransom for some types of ransomware, or cover IT forensics. There are many plans — and you’ll want to investigate which one is right for you — but what they all have in common is that they provide resources and help when they are needed most. 

The premium you pay depends on your business, but like other kinds of insurance, you can lower the premium by demonstrating that you represent a lower risk to the insurance carrier. Just as car insurers charge less to cover safer cars, cyber insurance carriers will charge less to cover safer businesses.

Click the banner below to unlock exclusive cloud content when you register as an Insider. 

Cloud Insider Cloud Insider

How Small Businesses Can Lower Their Cyber Insurance Bills

Businesses can take a few steps to lower their cyber insurance premiums, and the best part is that these will also reduce the chances that a threat actor will successfully breach your organization:

  • Get a yearly security assessment. A security assessment includes a thorough review of your defenses against the latest best practices, identifying areas for improvement. An assessment may include such tactics as a penetration test, which involves “ethical hackers” working on your behalf to try to breach your network, giving you key intel on where your vulnerabilities are.
     
  • Deploy multifactor authentication. MFA options have evolved; they needn’t be awkward for staff to use or difficult to deploy. Plus, you can optimize your MFA to serve you where you need it most; for example, to secure your collaboration and productivity suite or to automate password resets.
     
  • Implement endpoint detection and response. Next-generation endpoint protection tools enable organizations to report on security incidents in great detail, use intelligence about threats worldwide and work effectively with other tools in an organization’s cyber defenses. With this information, an organization can prioritize the mitigation of high-risk vulnerabilities.
     
  • Put an incident response plan in place. A well-designed incident response plan brings the calm, collected environment of the planning room into the chaos of a security incident. Businesses should revisit their plans regularly to ensure they’re ready to meet their organizations’ needs based upon their current operating environment and the modern threat landscape.

WATCH: Learn how to develop an incident response plan to protect your organization.

Check as many of these boxes as you can before you meet with the insurance broker; especially if you work at a small organization with just a few IT people, it can be challenging to implement all these measures at once.

CDW can help you find the right MFA and EDR solutions and can assist you in their deployment and management, if needed. We also provide security assessment, penetration testing and incident response services. For example, we offer a zero-dollar retainer in which you are billed only for any work we do to help you restore your systems in the event of a breach. 

Cyber insurance is a highly recommended investment. Getting back up and running and minimizing the damage after a breach is crucial, and cyber insurance can help make that happen quickly.

This article is part of BizTech's AgilITy blog series. Please join the discussion on Twitter by using the #SmallBizIT hashtag.

Agility_Logo_sized.jpg

Getty Images/ blackdovfx

More On

Related Articles

Close

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT

Subscribe Now