Businesses today are besieged with regulatory and compliance requirements that seem to become more onerous year by year. A new requirement that is being placed on businesses include security solutions that are required by their Cybersecurity insurance carriers.

Some of the requirements imposed by the government (State and Federal/European) include:

  • Notification requirements to alert impacted customers that personal information was compromised California Civ. Code s. 1798.82(a)
    • If your business has had a security breach, you can submit the information here Submit Data Security Breach on the OAG.ca.gov website
  • If you do business in Europe and fall under GDPR requirements there are several other requirements that companies must abide by.
    • Information regarding GDPR, especially regarding data protection and working remotely can be found on the gdpr.eu site

Why do companies get Cybersecurity insurance?

Companies are looking to manage the risks associated with storing and processing customer data.  Areas that might be covered under your policy include:

  • Forensic analysis
  • Breach notification support
  • Credit monitoring services
  • Lawsuit associated costs (defense, settlements and judgements)
  • Business interruption / Cyber Extortion

What do we have to do to qualify for Cybersecurity insurance?

To qualify, you need to be able to answer questions regarding how your company handles and secures your systems and data.

  • Does your company collect or handle sensitive information like credit card data (PCI), personally identifiable information (PII) or protected health information (PHI)?
  • Is your information safe and secure?
    • Encryption
    • Data Storage
    • Backup and Retention
    • Disaster Recovery
    • Multi-factor authentication
    • Web applications that interact with customers and stores login or other sensitive data
  • Do you have security tools that meet new requirements
    • Next Generation EDR/XDR anti-virus and detection response
    • SIEM solution for log analysis

If you find that you need assistance in meeting some or all of these requirements, give us a call.