8Aug

Risk awareness is paramount when shopping for the right cybersecurity policy for your business.

As “work-from-anywhere” becomes the norm, insurance providers in Asia have started revisiting current policies and integrating more cover for remote teams and increased digital interactions between team members.

For risk managers, we recommend noting these four considerations when selecting a cover:

1. Identify your business’ specific risks.

Start by making evaluating your weak points online. The nature of these risks will be essential in determining the right type of cover for you. Remember that insurance policies will differ based on your industry.

Unlike other types of insurance, deductibles in a cyber insurance policy are based on a specific timeframe, usually 72 hours, instead of an amount.

Look for an insurance policy that specifically covers potential damages from, say, cloud-based storage of payment information, customer data, or other sensitive information.

How secure are financial transactions such as wire transfers? Check if the policy will cover your risks in case you’re a third-party vendor for payments.

2. Does your business practice BYOD (Bring Your Own Device)?

Again, with more businesses shifting to remote offices or a hybrid work set-up, it’s very likely that employees will be taking company-issued devices with them. In case of loss or theft, will your cyber insurance policy cover the potential cost of, not just the device, but more importantly, the information saved in those devices?

Do you trust your team to manage sensitive data as they would their own? Have they been educated to practice security practices?

3. The value of the insurance and triggers

Do the maths to get the average cost of one stolen record with sensitive or confidential information and multiply that by the number of sensitive records you have in storage plus a projected number of growth in the next two years (at least). That is the amount your cyber insurance should cover.

On top of the value amount, make sure to ask what will trigger the insurance. Will the policy take over only with a deliberate attack, or will any type of breach like an unintentional human error trigger it?

4. Consider buying cyber insurance from a one-stop-shop 

Unless you already have a firm helping you secure your system, might we recommend getting a policy from an insurance provider that can also provide cybersecurity? Partnerships between insurance companies and cybersecurity firms have become more common in the Asian market.

Cybersecurity companies may offer a service that audits a company’s current capabilities so they can make policy applications easier for insurance agents. It is a mutually beneficial partnership that will give all parties involved an advantage and it will make it easier for businesses to cover all their bases in one go.

One-stop shops may also offer custom policies with add-ons that can fit your need. We can help you find the best ones so feel free to inquire here.

Email us or chat with us for more questions about personal and business insurance for expats in Hong Kong.