Insurance Companies Are Asking My Business About Its Cybersecurity. What’s the Deal?

You might have noticed that business insurance companies are starting to show an interest in how you are protecting your technology and data. If your org has been in touch with your insurance provider regarding modifying or renewing your business insurance, you were likely handed a lengthy questionnaire about your cybersecurity. Let’s take a look together to help you make informed decisions on how to handle your IT and how to prevent your insurance costs from skyrocketing.

Help! My Business Insurance Company is Asking Questions About My IT!

It might come as a shock to some business owners when they receive a long questionnaire with a lot of technical questions from their business insurance agent. Every provider will be a little different, but in our experience, they are generally asking questions about who handles your IT, how many endpoints you have, what vendors you use, and questions about your backup, cloud hosting, and cybersecurity.

We’re talking about insurance here, so it’s obvious that your answers to these questions could play a role in your actual coverage, your insurance premiums, and in some situations, whether you are actually eligible for coverage.

We’ve been getting questions about this a lot lately, both from clients and other New Hampshire businesses who are worried that they might lose coverage because their IT isn’t as organized or as up-to-date as their insurance provider wants it to be.

It’s a stressful situation, for certain.

Let’s Take a Look at What Your Insurance Company is Asking

Every insurance company is going to be handling this a little differently, and there will be even more variables depending on the industry you are in, the size of your organization, and a few other factors. 

Generally though, the big questions cover more or less the same handful of topics:

  • Do you store sensitive information?
  • If so, where, and how do you back it up?
  • What kind of security policies do you enforce (strong passwords, multi-factor authentication, etc.)?
  • Who is responsible for the management and upkeep of your information technology?
  • How are you protecting electronic correspondence?
  • Are you providing security awareness training and testing in your organization?

If you are in the healthcare industry or the financial industry and work with even more sensitive information than most other businesses, there are already strict regulations to meet, and your insurance provider might want to make sure you are following those guidelines as well.

It’s important to know that your insurance agent doesn’t know anything about what’s in place at your business when it comes to your technology. Your rep probably isn’t especially technical either, which can add to the confusion. Sometimes they might be able to give you some deeper insight into what the most important questions are, but in a lot of the cases we’ve seen, the insurance provider can’t really offer much in the way of guiding your business to meet their compliance standards. 

And honestly, we wouldn’t expect them to. That’s not their role.

Don’t Do This for the Sake of Your Business Insurance

Sure, if you can make some changes to your IT to reduce your overall insurance costs, then that’s a nice win. However, business owners shouldn’t be taking these steps just because your insurance company told you to do so. Forget the savings on your insurance, and look at this as an opportunity to do the right thing for your business.

There’s a reason insurance companies are asking questions about cybersecurity—modern cyber threats have become a much larger problem over the past few years, and it’s only going to get worse. Even for a smaller business, a particularly bad ransomware attack can cost thousands and thousands of dollars. Plus your organization can lose a lot of time dealing with threats, to the point where one attack could put you out of business.

A lot of the standards that your insurance company is looking for aren’t necessarily expensive fixes either. It’s less about throwing money at the wall and more about making sure things are done properly and that your staff understands how to keep your data secure.

Let’s Consider Your Business’ Insurance Requirements

We’ve been helping businesses make sense of cybersecurity requirements and compliance requirements for a long time, and we can help your business review the requests made by your insurance provider and make sure you are doing what’s best for your business.

If you have any questions or want to review your insurance requirements together, give us a phone call at (603) 889-0800.

Related Posts

What to Know About Your Business’ Wireless Router

The modern workplace wouldn’t exist as it does without the advent of wireless Internet or Wi-Fi. Understanding how your wireless router works can be incredibly helpful for any business owner, and it can help you get even more out of your wireless connection. Today, we want to share some information about wireless routers that can help you use them more effectively. But First, the Basics One of...

Don?t Take Any Chances: Get a VPN Today

Encryption The primary technology at work with a VPN is encryption, keeping any data secure while it?s moving to or from your network. With this encryption in place, it becomes much more difficult for an unauthorized user to steal or snoop on your data. Data Integrity VPNs can also ensure that your data?s integrity is sound. When it gets sent over an encrypted connection, you can know with conf...

Smishing: A Variety of Phishing Attacks Utilizing SMS

The Dangers of SMS Phishing, or ?Smishing? Ultimately, any plot carried out by a scammer that is trying to either pose as someone else or urge the user to do something particularly dangerous could be considered a phishing attack. This kind of definition goes beyond simple email scams, where you get a message in your inbox urging you to click on links or download infected attachments. There are ot...

Why Outsourcing Your IT Management Has Huge Value

Cost/Benefit is a term you hear a lot. It’s always used in conversations about potential investment and means something. Well, at least it should. One of the places that many people can gain benefits from their investments is by outsourcing some of their responsibilities to an outside vendor. This works especially well with IT management. Let’s take a look at why outsourcing your technology suppor...