Before you buy cybersecurity insurance that covers hacking and ransomware and could help you recover more quickly, there are some questions that need to be answered and some things you need to think about first.

If you’re considering taking out insurance against hacking and ransomware attacks, the UK’s cybersecurity agency has set out advice just for you.

What can cyber insurance help with if there’s a breach within your company?

After a ransomware attack or data breach, cyber insurance provides:

  1. financial support to help put the damage right
  2. help with legal and regulatory headaches after an incident.

But if you’re looking to insurance to fix your security issues, it cannot prevent a breach or attack taking place. The National Cyber Security Centre (NCSC) agrees, saying in its new guidance: “Just as homeowners with household insurance are expected to have adequate security measures in place, organisations must continue to put measures in place to protect what they care about.”

Over the past year, almost 50% of UK businesses reported a cyberattack. But, incredibly, take-up of cyber insurance by businesses still remains low.

Cyber insurance may gain some momentum, even if it’s not right for everyone. But remember, it’s not there to replace good security practices, says Sarah Lyons, NCSC deputy director for economy and society engagement.

For companies considering cyber insurance, the NCSC poses seven important questions for senior executives at organisations:

  1. What existing cybersecurity defences do you already have in place?
  2. How do you bring expertise together to assess a policy?
  3. Do you fully understand the potential impacts of a cyber incident?
  4. What does the cyber-insurance policy cover (or not cover)?
  5. What cybersecurity services are included in the policy, and do you need them?
  6. Does the policy include support during (or after) a cybersecurity incident?
  7. What must be in place to claim against (or renew) your cyber-insurance policy?

According to the NCSC, most insurance companies cover the immediate effects of an attack on an organisation by:

Firstly, working to quickly restore network systems and data.

Secondly, seeking to minimise losses from business interruption, according to the NCSC.

And finally, dealing with any legal action from customers or others affected. Insurance companies generally cover either defending or settling any claims.

But with any insurance, it is always important to first check the exclusions. For instance, some insurance policies will not cover money lost through business email compromise fraud.

Secondly, check if new types of cyberattacks are covered. The cyberattack landscape is continually changing as criminals come up with new ways to infiltrate.

Lastly, check what types of services the insurer provides when there’s an incident:

  1. What’s their immediate response?
  2. How will they help manage recovery?
  3. Do they make an assessment to learn what went wrong and suggest improvements?

Meanwhile, whether to pay the ransom demand or not has been a hotly debated topic.

In some cases, insurers have paid the ransoms demanded by ransomware criminals. Critics say this will just encourage more attacks. And this is true: if criminals are getting their big payday, they’ll of course keep committing the crime.

But on the other hand, clients are often faced with a tricky choice between paying off the criminals or a long and complicated job of restoring their computer systems. In some cases, it’s a matter of having to rebuild the network from scratch, which could be a far more expensive, time-consuming and painful exercise.

Seek out a few insurers to get the best product for the price you’re paying. After all, we all need value-for-money service when it comes time to claim on insurance.