No Single Answer: Balancing Cybersecurity Insurance and a Strong Security Program

No Single Answer: Balancing Cybersecurity Insurance and a Strong Security Program

Information security has now moved beyond compliance and IT due diligence and into the direct concern of top corporate executives and their legal teams. Boards of directors, CEOs, and others are more in tune with the gaps in their organizations’ information security programs than ever before and are looking for ways to mitigate the risk these gaps create.

Insurers have come to the table with a new product to try to fill the market need: cybersecurity insurance. These policies are drafted to cover losses associated with cybersecurity incidents, including forensic costs and legal fees.

While cybersecurity insurance sounds great at a high level, are businesses truly aware of whether or not they provide actual benefit? Do organizations understand how cybersecurity insurance plays with—or doesn’t—contractual obligations pushed down from their customers? Should businesses be focusing more on proactive security safeguards to avoid an incident and less on reactive solutions designed to save cost?

Mark Stanislav and Nick Merker merge the worlds of information security and law to give a direct analysis of what businesses are getting right and wrong when it comes to security programs and how they can be more prepared to succeed—with or without insurance policies on hand. Mark offers his perspective on often overlooked or underutilized defensive techniques that can provide true security value for less than a cybersecurity insurance deductible, gained from helping build security programs for organizations, and explores how his customers deal with the subject of cybersecurity insurance. Nick then speaks to the legal technicalities of cybersecurity insurance, sharing what businesses should know, the pros and cons of these types of policies, and some public stories of coverage success and failures.

Come join Mark and Nick as they dive into the nascent world of cybersecurity insurance, relating stories of success and failure and providing guidance to strengthen organizations, with the goal of making insurance policies your last line of defense.


Mark Stanislav

November 02, 2016