By Josh Fentin, Commercial Account Executive, Westland Insurance Group Ltd. – Burlington Office

Featured in the Winter 2022 edition of the IT Mill Newsletter.

As cyber-attacks become a daily talking point within our brokerage and in the insurance world, the question has truly shifted from “IF” to “WHEN” your company will face a cyber threat, and to what degree you will be prepared to overcome it.

Business owners can obtain a high degree of confidence for dealing with cyber attacks using a two-pronged approach:

#1. Security infrastructure, policies, and procedures coupled with back-end recovery capabilities.
#2. A comprehensive Cyber Insurance policy to respond when systems are breached.

As with other forms of insurance, higher risk and more frequent claims can drive premiums to become prohibitively expensive and challenging to place. With this new reality, how prepared is your organization to handle a cyber breach?

A Canadian Underwriter article from September 2021 gives the perspective of a Cyber Insurance executive from one of Canada’s leading Cyber insurers – Coalition Insurance: The cyber insurance industry is battling “a perfect storm between widespread technology risk, increased regulations, increased criminal activity and carriers retracting coverage”.

According to George Bozanin, managing partner and head of business development for Coalition Insurance Canada, “Cyber risk is set to become the defining risk of our age”. Bozanin continued “the average ransom demand made to Coalition’s policy holders in the first half of 2021 was a staggering $1.2 million”. Within a 1-year period, Coalition reported an increase in claims frequency in multiple sectors:

+ 263 % for industrial business
+ 99 % for manufacturing
+ 53 % for professional services
+ 46 % for IT
+ 30 % for non-profits

To help combat the rising tide, our firm recommends starting with an internal review of IT security protocols, strategic partnerships, and insurance programs to determine readiness and risk appetite for your organization. The key with all of this is not to delay.

We recommend aligning yourself with a cyber-focused IT professional, have your staff trained on how to spot phishing attacks, and know what to do if something seems “off”. As underwriting guidelines continue to tighten, measures such as employee awareness training, multi-factor authentication, and advanced threat protection, all help to protect your business and allow access to cyber-insurance.

Contact your insurance broker and IT expert to discuss how your firm should prepare.