Amazon Web Services (AWS) has recently announced a cyber insurance program designed to help customers find affordable cyber insurance policies that align with their security posture. This blog post will discuss the details of cyber insurance and look at the specific program offered by AWS. We will also look at how VAST can help you navigate AWS’s offering to ensure your company gets the optimal benefits from the program.
What is Cyber Insurance?
Cyber insurance is a relatively new concept that is designed to protect organizations from the risks of cyberattacks and malicious exploits perpetrated by threat actors. It is also commonly called cybersecurity insurance or cyber liability insurance.
Cyber insurance is a policy offered by an insurance carrier to mitigate the risk and offset the costs associated with cyberattacks or data breaches. By paying monthly or quarterly premiums, an organization can transfer some of the financial risks to the insurer.
The dynamic and evolving nature of cyber risks can result in cyber insurance policies changing on a monthly basis. The limited data available to underwriters make it difficult to accurately develop risk models to define coverage and rates for a cyber insurance policy.
The origins of cyber insurance come from the errors and omissions (E&O) policies offered by some insurers. These types of policies protect against potential faults in the services provided by an organization. An E&O policy is comparable to the product liability policies obtained by companies that sell physical products rather than services.
What Does Cyber Insurance Protect?
As with other types of insurance, there are variable amounts of protection available with a cyber insurance policy, based on the premiums a customer is willing to pay. Obtaining the right policy for your company requires discussions with your insurance agent to find coverage that fits your business requirements and objectives.
A cyber insurance policy should cover the following situations:
- Data breaches including the theft of personal and sensitive information;
- Cyberattacks directed at your infrastructure;
- Cyberattacks that affect your data resources held by third parties and vendors;
- Cyberattacks or terrorist acts that occur in foreign countries and impact your data.
Additional provisions that may be part of a cyber insurance policy and may be desired by the customer include:
- Defending the organization if necessary to address lawsuits or investigations by regulatory authorities;
- Coverage that exceeds the value of other types of insurance policies;
- The availability of a 24/7 breach hotline to be used in the event of a cyber security incident.
What are First and Third-Party Coverages?
Two different basic types of cyber insurance are available. In some cases, an organization may only require one type of policy, but having both offers additional protection against cyberattacks and data loss events.
First-party coverage
A first-party cyber insurance policy covers your employee, customer, and enterprise data resources. This type of policy protects a company against the effects of cyberattacks. Coverage usually includes provisions that mitigate the cost associated with:
- The restoration and replacement of lost or stolen data;
- Determining notifications and regulatory compliance obligations in the wake of a data breach;
- Lost income resulting from business interruptions;
- Cyber extortion and fraud;
- Forensic services to identify the source of the breach or attack;
- Public relations and crisis management;
- The fines and penalties that are levied as a result of an incident.
Third-party coverage
Third-party coverage protects a company from third-party claims related to cyberattacks or data breaches. A third-party policy should include:
- Payments to customers affected by a data breach;
- Claims related to lawsuits brought about by victims of a data breach;
- Costs related to responding to litigation and regulatory investigations;
- Account costs and losses related to copyright or trademark infringement.
In the event of a data breach, a company can minimize the costs of recovering its data and losses from outages with a first-party cyber insurance policy. The additional coverage offered by a third-party policy relieves an organization from the secondary costs of a data breach that affects its customers or intellectual property.
Who Needs Cyber Insurance?
Any company that stores, manages, or processes digital data can benefit from purchasing a cyber insurance policy. Ecommerce companies and those that store data on websites should strongly consider cyber insurance. Cyber insurance may be especially important for small and medium-sized businesses. These companies may be more adversely affected by the financial repercussions of a cyberattack than larger organizations with more extensive financial resources.
What Does the AWS Cyber Insurance Program Offer Customers?
The goal of AWS Cyber Insurance Partner Solutions is to streamline the process of finding affordable policies that align with a customer’s security posture. The assessment solution offered by AWS allows organizations to easily identify plans with the coverage they need.
The AWS Cyber Insurance Partners have transformed the assessment and onboarding process to benefit customers whose security posture follows AWS best practices. Following are some of the program’s highlights.
- Cyber insurance quotes are guaranteed in two days or less.
- The program includes large and small insurers with more being added all the time.
- AWS partners, such as VAST, have a streamlined method of joining the program.
- AWS will facilitate partner-insurer relationships so partners can offer policies to their customers.
- The program streamlines the process of finding security services that address the requirements of companies interested in cyber insurance.
As the world’s leading public cloud service provider, AWS is perfectly positioned to attract insurance companies and security solutions that offer its customers enhanced protection against cyberattacks. Companies that were challenged to negotiate the complexities of finding an appropriate policy can greatly benefit from the AWS solution.
Engaging VAST to Optimize AWS Offerings
VAST has a strategic partnership with AWS that puts them in an excellent position to help its customers get the most out of AWS products and services. VAST has your back when it comes to AWS products and services and can steer you in the right direction regarding the new cyber insurance program.
One of the considerations when obtaining a cyber insurance policy through the AWS program is the degree to which an organization conforms to AWS’s best cybersecurity practices. VAST can perform a security assessment to identify where processes may need to be modified to follow AWS standards.
Give VAST a call and start looking for the right cyber insurance policy to protect your company while not taxing your budget with the AWS Cyber Insurance Program.