Cyber Insurance Cyber Insurance: Here's what you need to knowImagine keeping all of your valuable belongings in your home, then hiding the key under the front-door mat when you go away on vacation. Doing the bare minimum to protect your assets would likely be unthinkable.Leaving your business's data – perhaps its most valuable asset – vulnerable to theft should be just as unthinkable. You need to do everything you can to protect it. With the increased number of Canadians working from home, and a dramatic surge in online business activities, organizations are facing an elevated risk of cyberattacks. Criminals are attempting to take advantage of the pandemic and targeting commercial enterprises.It's critical to do as much as possible to protect your business' assets, while being prepared for the worst case scenario.Cyber InsuranceSpeciality insurance coverage for cyber risks is relatively new and continually evolving. Speak to your insurance representative to find out what coverage might work best for you to reduce your cyber risk.Cyber insurance can cover a range of cyber events, including: Data confidentiality breaches: The loss of and/or unauthorized access to or disclosure of confidential or personal information; Cyber extortion: A demand for payment under threat of causing harm to your data; for example, disabling your operations or compromising your confidential data; and Technology disruptions: A technology failure or denial-of-service attack. Cyber insurance can help businesses cover a number of costs resulting from these events, including: Legal and civil damages: Paying for legal representation and possible damages related to a privacy or network security breach; Security breach remediation and notification expenses: Notifying affected parties and mitigating potential harm from a privacy breach, such as providing free credit monitoring; Forensic investigations expenses: Hiring a firm to investigate the root cause and scope of the data breach; and Computer program and electronic data restoration expenses: Restoring or recovering damaged or corrupted data caused by a breach, denial-of-service attack or ransomware. Cyber insurance products are provided in one of three ways: Stand-alone cyber insurance policies (policies specifically for cyber risks) are the most common cyber policies in Canada, the United States and Europe. A traditional property and liability insurance policy may include coverage for cyber events. These policies typically have very low limits that would not cover the full cost of a breach or cyber attack. Endorsements (also known as riders) can add, remove or exclude certain cyber coverages, altering a cyber or traditional insurance policy to meet specific needs. Unlike stand-alone cyber insurance, which clearly defines the parameters of cyber coverage, as noted above, many traditional policies do not specifically refer to cyber risks. If your business is vulnerable to cyber risks, don't rely on a traditional commercial policy. Talk to your insurance representative about what kind of insurance solution best suits your needs. Speak to your insurance representative to make sure you have the right cyber coverage for your business. Six questions to consider when buying cyber insuranceHow many records containing personal information does your organization retain or have access to?How many records containing sensitive commercial information does your organization retain or have access to?What security controls can you put in place to reduce the risk of having your system compromised?Do all portable media and computing devices need to be encrypted?Is unencrypted media in the care, custody or control of your third-party service providers?Could you make a claim if you were unable to detect an intrusion until several months or years had passed?Cyber insurance cost and availabilitySpecialty insurance coverage for cyber risks is relatively new and continually evolving. While the need for cyber insurance has increased in recent years, the frequency and severity of claims have increased at a faster rate. Data from MSA Research shows that over the past three years, insurers paid out $2.30 in claims and operating expenses for every dollar they earned in premiums. Consequently, some business owners may experience challenges when trying to secure adequate or affordable cyber insurance. Speak to your insurance representative to find the coverage you need to reduce your cyber risk.ResourcesProtecting Canadians from Cyber ThreatsProtect Your Organization From Cyber Risk Related ServicesProtect your organization from cyber riskAs more people began to work from home, more criminals began to prey. Many small businesses adopted digital processes and moved some of their business online, and cyber criminals found yet more opportunities.Many small businesses vulnerable to cyber attacksA cyber attack can be expensive. According to a 2021 IBC survey, almost half of the small business owners that had been subject to a cyber attack reported that it had cost them at least $100,000. Useful LinksConsumer Reports Security PlannerCut down on data collection and prevent hackers from invading your laptop, tablet and even your phone. Answer a few simple questions to get customized recommendations to help you: Safely backup files, Browse online without tracking, Avoid phishing scams & Prevent identity theftCyber Centre reminds Canadian critical infrastructure operators to raise awareness and take mitigations against known Russian-backed cyber threat activityAs geopolitical tensions continue to rise, Canada’s Cyber Centre is following the cyber threat environment in Canada and globally, including cyber threat activity directed at critical infrastructure network operators, their operational and information technology (OT/IT).Top measures to enhance cyber security for small and medium organizationsLooking for steps you can take to protect your organization’s networks and information from cyber threats? To get you started, we have summarized the 13 security control categories that are identified in our Baseline Cyber Security Controls for Small and Medium Organizations and form the foundation for the CyberSecure Canada Certification program.Get Cyber SafeWhen it comes to cyber security, educating your employees is the first, best defense against most online dangers. And there are many ways to help them get the message, from internal newsletters and staff emails to seminars and lunch and learns.CyberSecure CanadaCyberSecure Canada is the federal government’s cybersecurity certification program for small and medium-sized organizations (SMOs).