August 10, 2022

How to Lower Cyber ​​Insurance Premiums for a Small Business

Responsible companies do everything they can to protect their data from threat actors, but sometimes hackers can breach even the best defense. When they do, you better believe these companies are grateful to have cyber insurance.

If you think cyber insurance isn’t necessary, you might want to reconsider, especially if you’re running a small business. Hackers usually seek the path of least resistance, so small businesses have a target on their backs because threat actors think they’re easier to infiltrate. And it’s not just the cost of repairing the flaw, but also the business disruption you have to worry about. I’ve spoken to customers who said they were down for three days, which is enough to push some people out of business.

A hacker may choose to attack a data server containing all of your customer information, or they may focus on a senior executive in your company. Hackers are also naturally drawn to companies that are about to go public. If you file for an IPO, they know there’s going to be a lot of money around. Venture capitalists are also magnets for hackers who can get inside information about new companies and new things coming to market. In the end, it’s all about monetary gain.

RELATED: Learn more about the protection cyber insurance can provide.

What is cyber insurance and how can it protect you?

Basic cyber insurance covers liability. This means that if something were to happen to your network, insurance would make sure it gets cleaned up. But cyber insurance has a few other uses too. Vendors can help negotiate and pay ransom for certain types of ransomware, or cover computer forensics. There are many plans out there – and you’ll want to research which one is right for you – but what they all have in common is that they provide resources and help when you need it most.

The premium you pay depends on your business, but like other types of insurance, you can lower the premium by demonstrating that you pose a lower risk to the insurer. Just as car insurers charge less to cover safer cars, cyber insurance companies will charge less to cover safer businesses.

Click the banner below to unlock exclusive cloud content when you sign up as an insider.

Cloud Insider

How Small Businesses Can Lower Their Cyber ​​Insurance Bills

Companies can take a few steps to reduce their cyber insurance premiums, and the best part is that it will also reduce the chances of a malicious actor successfully breaking into your organization:

  • Get an annual Security assessment. A security assessment includes a thorough review of your defenses against the latest best practices, identifying areas for improvement. An assessment can include tactics such as a penetration test, which involves “ethical hackers” working on your behalf to attempt to break into your network, giving you key information about where your vulnerabilities are located.
  • Deploy multi-factor authentication. AMF options have evolved; they don’t need to be inconvenient for staff to use or difficult to deploy. Plus, you can optimize your MFA to serve you where you need it most; for example, to secure your collaboration and productivity suite or to automate password resets.
  • Enforce endpoint detection and response. Next-generation endpoint protection tools enable organizations to report security incidents in great detail, utilize global threat intelligence, and work effectively with other tools in cyber defenses of a organization. With this information, an organization can prioritize mitigating high-risk vulnerabilities.
  • Put one incident response plan in place. A well-designed incident response plan brings the calm and serene environment of the planning room into the chaos of a security incident. Businesses should regularly review their plans to ensure they are ready to meet the needs of their organization based on their current operating environment and modern threat landscape.

LOOK: Learn how to develop an incident response plan to protect your organization.

Check as many of these boxes as possible before meeting with the insurance broker; especially if you work in a small organization with only a few IT people, it can be difficult to implement all of these measures at once.

CDW can help you find the right MFA and EDR solutions and can help you deploy and manage them, if needed. We also provide security assessment, penetration testing and incident response services. For example, we offer a zero dollar provision where you are charged only for any work we perform to help restore your systems in the event of a breach.

Cyber ​​insurance is a highly recommended investment. Getting back up and running and minimizing damage after a breach is crucial, and cyber insurance can help do that quickly.

This article is part of BizTechfrom the AgilITy blog series. Please join the discussion on Twitter by using the #SmallBizIT hashtag.


Getty Images/blackdovfx