
Make Friends with Your Cyber Insurance Agent, Part 1—Why It Matters

In an era of rising rates and denied claims, it’s easy to see insurance companies as adversaries. Part 1 of this two-part series looks at why it’s better to see your insurers as partners and leverage their tools and expertise. Later this week, we cover how to do it.


Imagine thinking you have insurance in an emergency, then finding out you don’t.

That’s what happened to Raleigh Radiology Associates in mid-February 2021. The North Carolina radiology group was hit by a brutal ransomware attack that took down most of its network operations. So, the company quickly filed a claim with its cyber insurance provider, a unit of Arthur J. Gallagher, only to learn that its policy had apparently lapsed two days earlier.

Horrible timing or a case of not paying attention? In a lawsuit filed in federal court this past April, Raleigh Radiology alleges the insurer never informed them their policy had lapsed, even though the parties had been discussing a renewal for months. Raleigh claims it lost more than $1 million in recovery costs and downtime until it was able to resume normal operations around five weeks later.


The Raleigh suit, one of several similar legal actions in recent years, highlights a little-known fact about cyber insurance: It’s not enough to just find an agent and purchase a policy; you need to build a relationship with that agent and make that person a part of the team.

Indeed, getting to know your cyber insurance agent and establishing a cordial, ongoing working relationship makes sense for numerous reasons. The first is basic and invaluable: A cyberattack is no time to be working with someone you barely know. And make no mistake about it—there will be a cyberattack some time in your future. In fact, a recent survey from Delinea, a privileged access management solution provider, found 80% of U.S. companies have had to use their cyber insurance, and more than half of those have done so multiple times.

When an incident occurs, you will need to know all the key players who will be part of your incident response. And speed will be critical. In the wake of a cyberattack, every second counts, and an agent who knows and understands your enterprise will be able to work more quickly and effectively to provide the resources you need.

This getting-to-know-you process need not be painful. As a matter of fact, organizations that go out of their way to partner with insurers often realize several benefits:

1. Cyber insurance provides access to useful tools

Some auto insurers will discount rates if clients agree to install devices in their cars to monitor their driving habits. Most motorists don’t take advantage of such offers, though, because they consider the tracking devices too invasive. Enterprise leaders may similarly resist the idea of cyber insurers scanning and assessing their networks to see if they are practicing good cyber hygiene.


But some carriers require customers to authorize remote monitoring when signing up for cyber insurance, with the aim of reducing risk through constant surveillance and alerting policyholders to imminent threats.

Pete Hedberg, vice president of underwriting for Corvus Insurance, which sells cyber insurance, says most insurers have tools that will not only scrutinize networks to make sure they’re designed to fend off attacks but also alert policyholders if they have systems or software that may be prone to new and emerging threats. For example, a Russian hacking gang in June reportedly exploited file transfer software, launching a broad wave of cyberattacks that has since affected more than 130 public and private organizations as well as millions of users worldwide. In response to the vulnerability, Hedberg says Corvus immediately scanned its entire book of business, notified customers who might be affected, and provided remediation advice.

Some insurers also have tools for identifying installed technologies, like pixel tracking programs, which might collect data in ways that lead to government regulatory compliance (GRC) issues. Tracking pixels are tiny snippets of graphical code that marketers and advertisers utilize to gather information about online-user viewing habits and behavior.


“We’re seeing a lot of privacy litigation emerge, especially in the healthcare field, because of pixel-tracking software,” Hedberg says. “When I go to renew a hospital and ask if they’re using it, they usually ask ‘What’s that?’ And nine times out of 10, the hospital comes back and declares, ‘We didn’t know we were using it. It’s just part of a software package we have. That’s an exposure we weren’t aware of.’”

2. Cyber insurance lets you leverage irreplaceable intelligence

Most cybersecurity insurers also have teams of experienced professionals standing by to assist you in improving your security posture and help you deal with ransomware and other attacks as they occur.


These teams often include cybersecurity engineers to examine your network and make recommendations (or lay down requirements, in some cases) for bringing it up to snuff. Many have networks for ransomware negotiators to help you get the best deal if it makes sense to pay a hacker. They also have forensics experts on hand to figure out what happened in the run-up to a successful attack so you can avoid similar events in the future.

“When you buy a cyber insurance policy, you get access to some really good resources to help you manage risk and events in a cohesive way,” says Lewis Guignard, director of data solutions for Guidewire, which sells policy and claims management software to the insurance industry.


3. Cyber insurance helps you recover faster and more cost-effectively

Those same resources can also advise you on building redundancy into your networks, so you do not lose data in an attack and can recover more quickly and efficiently.

They can also assist you in analyzing third-party networks—those linked to your supply chain and other partners—to assess how their security posture might affect your own.

“When we, as insurers, ask you to implement some software that could be a heavy lift for your organization, we’re not doing it to be difficult,” says Hedberg. “We’re doing it because you’re probably very, very exposed. We want you to be safer.”


Check out the second installment in this two-part series, which details the five steps to a better relationship with your cyber insurer.

David Rand

David Rand is a business and technology reporter whose work has appeared in major publications around the world. He specializes in spotting and digging into what’s coming next – and helping executives in organizations of all sizes know what to do about it.
