MANAGE CYBER SECURITY & LEAD
6 WAYS TO GET STARTED ON YOUR AGENCY ’ S CYBERSECURITY DEFENSES
The decision to procrastinate on cybersecurity can prove costly . Here are some essential steps the Big “ I ” encourages you to take promptly .
BY ERIC LIPTON
With no clear overarching federal guidance to date , and a national patchwork of inconsistent rules and regulations , cybersecurity can seem daunting and confusing . Business managers who have not yet faced a significant cyber incident , such as a sensitive data breach , may feel they can put things off and worry about cybersecurity later .
Unfortunately , that decision can prove costly for an agency , broker , or even a major insurance company .
Over the past few years , cyberattacks against small and medium businesses have skyrocketed , particularly in the insurance industry . The COVID-19 pandemic has only accelerated that trend . Cyber regulations have become more widespread . It means that implementing and maintaining a robust and compliant cybersecurity program at your business cannot be placed on the back burner .
Ben Franklin once wrote regarding fire-fighting techniques , “ an ounce of prevention is worth a pound of cure .” Here are six essential steps the Big “ I ” encourages members to take promptly :
Develop and maintain a comprehensive written cybersecurity policy . A written cybersecurity policy is perhaps the most fundamental step for any company ’ s cybersecurity program - it reflects and guides its actual security policies and procedures . It is not just good practice . It may also be required of your business by the federal Gramm-Leach-Bliley Act , state data security laws , and contractual provisions in carrier agreements
Obtain cyber insurance coverage . Cyber coverage has virtually become table stakes for operating in today ’ s business environment . While some agency appointment agreements even require minimum levels of coverage , there are other practical benefits to an agency obtaining coverage .
Cyber coverage may not only help mitigate the impact of an incident , but cyber risk solutions can help prevent incidents before they happen .
Coalition ’ s automated risk assessments identify potential security weaknesses and offer actionable recommendations to improve your agency ’ s security posture . Coalition ’ s ongoing threat and vulnerability monitoring keeps policyholders informed of third-party data breaches , vendor vulnerability notices , malware , infections , and more . A vulnerability disclosure program is a process allowing security researchers to report security
!
The Agents Council for Technology ( ACT ) Security Issues workgroup , in conjunction with Big “ I ” National and Big “ I ” New York , developed a sample template of a written cybersecurity policy for members . The sample can be tailored to your practices and is available as part of ACT ’ s Agency Cyber Guide 3.0 .
18