The role of cybersecurity insurance in the enterprise

In the simplest of terms, there are two sides to every information security program: protection and response. A successful cybersecurity program requires both. However, on both sides of the coin, organizations must deal with five realities:

  1. There are things they have under control and completely operationalized.
  2. There are things they can handle, but it's a pain to keep on top of them.
  3. There are things they have to work hard at but can still manage; somehow, barely.
  4. There are things they don't know how to deal with; investments in process, technology or personnel will not make a material difference.
  5. Their program is defined and managed by humans -- and humans make mistakes.

Our CEO, Jonathan Niednagel, contributed to this article by noting first that cybersecurity insurance doesn't replace security best practices; rather, it is a critical component that fills in the gaps of a solid, well-thought-out security program. "Any security professional will tell you that you can never be 100% protected against an attack," said Niednagel. "If this were true, then best practices and due diligence should get you 95% of the way there, and cyberinsurance should cover the remaining 5% exposure."

Read the full article on TechTarget SearchSecurity