Free, you say?
You've seen articles showing you how to get something for free before and ultimately, you were left disappointed, I can understand why you'd be sceptical.
However, I can assure you,
This isn't one of those articles.
There truly is a way to get Cyber Insurance for free.
So what is Cyber Insurance?
Cyber Insurance is a form of cover which protects your organisation's computer systems from threats such as data breaches, cyber criminals and hacktivists.
In the event of a breach, it is the insurance which will ensure your reputation is maintained during a troublesome time for your organisation. Cyber insurance gives you the financial, legal and technical support you need to stay resilient and ensures you are not battling against breaches alone.
Why would I need Cyber Insurance?
Whether someone steals data from your systems or you accidentally expose customer details, cyber insurance ensures you'll be covered for any damages you are required to pay.
Also, with the implementation of GDPR in 2018, failing to protect sensitive and personal data can cost your organisation dearly.
Cyber Insurance enables you to have something to fall back on.
How do I get free Cyber Insurance?
You must fit the following criteria to be eligible for free Cyber Insurance:
- Your organisation must have Cyber Essentials Certification at either the basic or plus level
- Your must be certified with an IASME certification body
- Your organisation must turnover under £20,000,000
- Your organisation must be domiciled in the UK
I understand there's the possibility that you've never heard of Cyber Essentials before so let's dive straight into what you need to know about Cyber Essentials.
What is Cyber Essentials?
What is Cyber Essentials?
Cyber Essentials is a cyber security certification which has been designed by the government to make it simple for you to protect your organisation against common cyber threats.
In fact, Cyber Essentials protects you from 80% of all common cyber threats and it does this with the implementation of the five Cyber Essentials controls:
- Firewalls and Internet gateways
- Secure configuration.
- User access control.
- Malware protection.
- Patch management.
How do I become Cyber Essentials certified?
There are four steps to becoming certified for Cyber Essentials:
- Choose an IASME certification body
- Work with your certification body to meet the Cyber Essentials standard
- Complete the questionnaire and wait for your certification body to assess the questionnaire.
- Receive your Cyber Essentials certification
As long as you have a valid Cyber Essentials certification and meet the criteria for cyber insurance, you will always have free cyber liability insurance. You wouldn't need to renew your cyber insurance separately every year.
Cyber Insurance with Cyber Essentials
What is covered with the Cyber Insurance?
The Cyber Insurance policy provides the following up to a limit of indemnity of £25,000:- Liability - claims made against you arising out of media activities and privacy and security wrongful acts.
- Event Management - costs, including emergency costs, following a data breach, including the costs of notifying data subjects. These might typically include payment for Legal, IT, Forensic & PR specialists.
- Extortion Demands - ransoms and other cyber extortion.
- Regulatory Investigations -defence costs & regulatory fines (where insurable by law)
- Business Interruption - loss of profit and / or operational expenses caused by a network compromise.
- Loss of Electronic Data - costs of remedying the issue that allowed the loss or damage to your data and costs to replace, restore or update your data.
£25,000 may be enough to cover your organisation in the event of a smaller breach but with bigger breaches, there is a chance that you will need to seek further cyber insurance and the cost of this is dependent on your organisation's requirements.
Who is the insurer and could I opt out?
The cover is provided by AXA XL and they will appoint specialists to help your organisation in the event of a breach.
Soon as you become certified, you have the option to opt out of the free Cyber Insurance and it wouldn't change the cost of your Cyber Essentials certification.
Also, if you already have Cyber Insurance, you don't have to worry about anything as the policy from the Cyber Insurance policy provided with Cyber Essentials becomes inoperative.
Still have unanswered questions about Cyber Essentials?
If you would like to understand more about Cyber Essentials and the technical steps to become certified, feel free to check out The Ultimate Guide to Cyber Essentials where I'll answer every single question you have around Cyber Essentials (and that's a guarantee!)