Cyber-attacks focus on disrupting your day-to-day operations by encrypting your data and often attempting to steal confidential information. Cyber insurance provide a cushion to fall-on in the worst case scenario. With the increasing numbers of cyber-threats, cyber insurance has become a necessity. Getting cyber insurance coverage is a process that involves setting up adequate data protection measures such as immutability and air-gapping.

There’s more to cyber insurance and we’ll be covering the basics in this blog post. We will also be discussing what data protection measures you can adapt to satisfy cyber insurance requirements – in turn lowering premium coverage rates.

What is cyber liability insurance?

Cyber liability insurance (or cyber insurance) provide coverage for damages and liabilities caused by data loss of sensitive information such as social security numbers, medical records, financial information, etc. due to ransomware attack, hacking, and data breaches.

As a relatively new type of business insurance, the specifics of a cyber insurance policy vary depending on the insurance company. Typically, policies provide coverage for costs associated with cyber risks such as informing customers, investigating the attack vector and related details, data recovery, public relations (PR), and other resultant general liability of a data breach.

How much does cyber insurance cost?

The cyber insurance premium varies depending on the amount of coverage, the complexity and size of your business, as well as other factors. Cyber liability can be a few thousand dollars to tens of thousands – it all depends on what you need covered.

Cyber insurance policies also come with cyber security requirements – which can cost you more if your current data protection system doesn’t meet these minimum cyber-security standards.

It is worth noting that as cyber insurance is still new, the lack of long-term data make it difficult for insurance experts to effectively analyze risk versus returns. As a result, there is no standard for cyber insurance costs. Due to the increasing demand and number of cyber-attacks, it’s advised to expect an increase in insurance premiums as you decide to take-on long-term agreements.

Who needs cyber insurance?

Cyber-attacks do not pick favorites. They target businesses, big and small regardless of the industry. As reported by the FBI, ransomware attacks targeted healthcare and first responders more in the pandemic – endangering lives and demanding ransomware up to $25 million.

In general, companies that need to collect and retain sensitive information such as Personally Identifiable Information (PII), social security numbers, financial information, medical records, etc.

Here’s a list of the top 10 industries targeted by ransomware attacks last year in descending order (source: Nordlocker):

1. Construction
2. Manufacturing
3. Finance
4. Healthcare
5. Education
6. Technology and IT
7. Logistics and transportation
8. Automotive
9. Municipal services
10. Legal

If you’re a company offering product(s) or service(s) in any of the abovementioned industries, you need cyber insurance.

Cyber Insurance Requirements: Reliable Backups and Immutability

As part of their underwriting process, insurance companies carry out a risk assessment which determines your premiums, coverage limits, and whether or not you qualify for cyber insurance.

In order to manage risks, insurance companies require policyholders to set up and maintain cyber-security standards to qualify for cyber insurance.

While the required cyber-security measures vary depending on the insurance company, here’s a list of data protection features generally required by most companies:

• Use antivirus software to protect essential business data from malware.
• Protect the company network using a reliable firewall.
• Configure access protocols and permissions appropriately and protect admin credentials effectively.
• Set up regular backups and store at least one backup copy on external storage media and/or cloud.
• Store a copy of your critical backup data in on-prem or cloud immutable storage repositories.

As cyber-threats continue to evolve and come out with more advanced ways to target business data, insurance companies are now adding measures such as immutability as a requirement to reduce cyber liability. Furthermore, if you’re using immutability, you’re in a better position to negotiate lower insurance premiums.

How to add immutability to your IT infrastructure

There are a number of ways you can add immutability to your IT infrastructure depending on the desired storage media and chosen vendor.

As a manufacturer of enterprise storage, hyperconverged, backup and DR, and cloud solutions, we can help you set up immutability within your budget and custom-build it as per your requirements to satisfy cyber insurance requirements seamlessly.

With StoneFly solutions, you can set up immutability in one of the following ways:

• Purpose-built on-premises appliances with built-in immutable WORM storage and air-gapping capabilities. Immutable storage features include S3 object lockdown and file lockdown.
• Virtual immutable storage volumes provisioned using idle and unused storage resources of your existing IT infrastructure. The storage provisioning and integrated immutable storage features are unique to StoneFly’s patented storage virtualization engine (SCVM) and have been tested with mainstream hypervisors such as VMware, Microsoft Hyper-V, KVM, and Citrix (formerly XenServer).
• Serverless integrated immutable storage in public/private cloud with support of automated storage tiering and data transfers. With StoneFly Smart cloud gateway, you can connect your applications and servers to immutable storage in Azure, AWS, any other S3 cloud, and/or StoneFly private cloud.

In order to make immutability seamless, all our solutions are turnkey and offer a plug and play experience. Furthermore, StoneFly technical team provides premium support to your IT staff to simplify installation, deployment, testing, and optimization.

Add Immutability to Your Veeam Server

As a Veeam Gold Reseller, StoneFly has helped Veeam users (and new users) worldwide to integrate on-premises physical/virtual and cloud-based immutable storage volumes with their existing environments.

Our customers include government departments, healthcare, education, finance, manufacturing, and construction companies – big and small.

With our premium professional services, our customers trust us to provide 24/7 hassle-free technical support whenever necessary. Our ability to deliver makes us the choice Veeam reseller and technology partner of industry leaders worldwide.

Conclusion

With the increasing number of cyber-attacks, companies, big and small, are looking to get cyber insurance so that they have general liability coverage in the event of a data breach or ransowmare attack.

In order to get cyber insurance, insurance companies require policyholders to set up cyber-security measures such as network firewall, access protocols and permissions, regular backups with one copy offsite and air-gapped, and immutable storage for critical backups.

We can help you set up and integrate turnkey physical, virtual, and/or cloud-based air-gapped backup and immutable storage with your existing IT environment(s) seamlessly.

Looking for immutable storage to satisfy cyber insurance requirements? Fill out the form at the bottom, email [email protected] or call +1 510 265-1616 to discuss your projects with our experts.