Looking into cyber risk insurance
More and more businesses are coming to the conclusion that the probability of falling victim to a data breach is high.
Moreover, the cost of data breaches is getting higher and higher for organisations around the world as cyber thieves become more sophisticated and target valuable financial and personal records.
The direct costs associated with a breach include hiring experts to fix the problem and mitigate the damage, pinpointing the cause, and dealing with customers whose data might have been compromised. And then there is the incalculable loss of reputation, and business lost as a result.
"In order to transfer some risk, companies have started to purchase cyber liability insurance," says Jake Kouns, CISO of Risk Based Security.
Kouns will be presenting on 'These aren't the IR processes that you are looking for' at the ITWeb Security Summit 2016, between 16 and 20 May at Vodaworld in Midrand. His presentation will provide information on the current data breach landscape and then a behind the scenes look into cyber liability insurance.
"Most companies by now have already implemented an incident management programme," he adds. "In fact, some companies have a very mature incident response process, dedicated teams and even have had the unfortunate experience of responding to a data breach."
Kouns says with the rise of cyber insurance, incident responders and management need to understand how insurance can impact them and their processes, both good and bad. "If a responder isn't aware of the requirements it could invalidate their coverage or end up costing their organisation financially."
Security practitioners and responders are in many cases unaware of how the insurance process works when there is a data breach and do not understand the requirements that can affect the incident response process, he says.
Delegates will walk out of the session with a solid understanding of cyber insurance. Kouns will discuss some of the things companies need to consider as they integrate insurance into their risk management and incident response plan.