Whatever type of business you operate, you will probably have taken out some kind of insurance to protect yourself and your customers. Now is a good time to check if your policy provides cover against cyber-attacks.

With cyber-attacks taking place more often and the legal requirements surrounding data protection, cyber-insurance cover is becoming increasingly important. It has been reported that over half of UK businesses in the last twelve months have experienced some kind of cyber-attack.  A major incident such as a ransomware attack or a data breach can cripple a business, and if your business is hit, a good cyber-insurance policy will provide both financial protection and help with any legal issues that may arise.

If you need a little more convincing, here are four questions you should ask yourself before purchasing cyber-insurance cover.

Have you got any cyber-security defences in place?

A crucial question. If your company hasn’t put anything in place to protect it against a cyber-attack, you may not even be eligible for insurance. You probably need to engage with an IT consultancy to review this and see what might be needed. A good IT consultant can also help you determine if any confidential information you hold is secure and is compliant with legal data protection requirements.

Do you fully understand the potential impact of a cyber-attack on your business?

The truthful answer for many businesses is “probably not”. Until it has happened, and sensitive information and data have been compromised, the likely impact of an attack cannot be fully understood.  If you have sensitive data such as customer or employee information within your IT system, it is worth reviewing your cyber-security and thinking about insurance.

What does a cyber-insurance policy cover and does it include support during and after a cyber-security attack?

As with all insurance, different cover levels can be purchased and for different risks. This is where it is probably a good idea to get an IT consultancy involved. They will be able to advise on the data your business holds and explain in a ‘non-techie’ way, what the impact of an attack could be and the support your business would need to get your IT systems back to normal. From this, you can tailor your cyber-insurance policy to suit your particular requirements.

And finally, what must be in place to claim against your cyber-insurance policy?

As with most insurance policies, they are renewed every 12 months and in the world of data management and cyber-attacks, a lot can change in that time. So, the onus is on the business to ensure systems security policies and procedures are legally compliant, up to date and enforced, so if you make a claim the insurance cover is valid.

If you need Greystone to advise on any aspect of cyber-security for your business, then do get in touch.

Greystone: Making sense of IT and software solutions