Cyber insurance: The first line of defense or the last resort?

Derik Belair, CEO and co-founder of Augmentt

There’s no shortage of opinions on the importance of cyber insurance. In a time when cyber criminals are seemingly everywhere and hacking into everything, businesses of all sizes are looking for ways to combat cyber attacks – using both preventive measures in the form of cybersecurity technologies and solutions, and mitigation techniques like cyber insurance.

A relatively new industry, however, cyber insurance is deeply challenged by constant change and the need for technological expertise that goes far beyond that of typical insurance underwriting. Some observers have suggested that given the complexity and uncertainty involved for both parties (i.e., the carriers and those who seek coverage) cyber insurance should be viewed as a “last resort” in an organization’s overall strategy to fight against cyber crime.

My conversations with Doug Kreitzberg, Founder and CEO of SeedPod Cyber, have revealed that what these observers are failing to see, is that cyber insurance is increasing in popularity, and for good reason. First and foremost, according to Kreitzberg, it can be vital to an organization’s long-term viability, even when merely mitigating the damage of data breaches, malware, and other attacks.

Yet, what he and I both agree on is that like any security measure put into place, cyber insurance is only as effective as the underlying strategy put in place to support it—a strategy that must include robust and proactive security measures that themselves minimize and eliminate threats before they become real.

This is precisely why some carriers like SeedPod, and those who have been granted underwriting authority by an insurer, such as a Managing General Agents (MGAs) or Managing General Underwriters (MGUs), are looking at an organization’s internal controls, such as how they monitor and protect their IT infrastructure, when establishing pricing and setting the terms for cyber insurance policies.

Using advanced IT expertise, these carriers will go behind the firewall to validate an organization’s security efforts in partnership with an MSP. By doing this, the carrier puts themselves in a much better position to evaluate risk and provide an economic advantage to all parties.

Of course the outcome of all this is still dependent on the quality of what’s going on behind the firewall. That is why it is so important that MSPs team up with providers who can give them a 360-degree view into the security of their IT infrastructure environments.

Combining prevention, policies, and posture will enable MSPs to more effectively manage their clients environments. With these tools in place and used effectively, cyber insurance becomes a much more cost-effective element in an overall strategy for modern IT security.

About the Author: As President and CEO, Derik Belair leads the vision, strategy, and growth of Augmentt, a SaaS Security & Management platform for MSPs.