Question

1.Do you think cyber insurance is necessary? If a company has strong enough security policies and technology-based protection, does it need cyber insurance?

2. What types of events (risks) do you think a cyber insurance policy should cover?

3. If you were an underwriter for a cyber insurance policy, and your job is to evaluate a company's security risks, what are some of the things you would look at and look for, both positive and negative.

Answer 1

2. Cyber insurance is a type of insurance product that is being designed to help the business hedge against the devastation of cyber attacks such as ransomware, malware, DDoS attack or any other type of network compromise. Yes cyber insurance is necessary and it is better for an organisation.to have it though they have high secured infrastructure. But these powerful viruses can break break into any secured infrastructure and can cause damage.

2. Most of the cyber insurance policies and plans help in covering broad range of cyber risk losses which may caused by cyber attacks. Some plans even provide coverage for physical damage to the hardware or even covers the business losses caused by cyber attack.

3. Being an underwriter for cyber insurance policy, here are the things I should look at or look for:

• Firewalls: I will look for firewalls and also check the allow and deny rules stated in the firewalls. Firewalls are actually the basic part of a security.
• Sources of attack: next I will try to figure out the sources of the attack from where the attack is carried out. This is actually important to check the actual sources of the attack.
• Type of damage: This is another important stage where being an underwriter for cyber insurance, you have to emphasized on the impact of the cyber attack. Depending upon the loss, the reimbursement will be initiated.