One of the ways an organization can address cybersecurity risk is to transfer the risk to another company. In the same way that information technology has impacted the evolution of businesses of all sizes across all industries, the commercial business insurance industry has evolved to address the growing risks associated with cyber-attacks and other technology-related risks (i.e. multimedia content liability, non-human business interruptions)
This extra-credit presentation discusses the traditional insurance industry's evolution to cover these new business risks, how insurance companies partner with third-party vendors to provide additional cybersecurity protection, and how cybersecurity insurance plays a critical role in today's modern business model in regard to: network security liability, regulatory defense expenses/fines (i.e. PCI or HIPAA fines), breach response, cyber extortion, digital asset restoration, cybercrime. and loss of value due to the theft of intellectual property.
Cybersecurity insurance coverage costs are uniquely determined by the organization's digital assets, risk tolerance, and current security and control management. This presentation discusses the approach to determining the necessary cybersecurity coverage an organization would need, and it provides examples of cybersecurity business insurance policies for specific types of firms and their associated coverage and cost.