Saas · Cyber security

What is the best thinking on cyberinsurance? How do I mitigate the risk of data breach on my co?

Mark West Creative technologist and entrepreneur, building regulatory compliance software for gaming

August 19th, 2015

My company maintains sensitive personal identifying information (PII) in a secure cloud-based system. While we are taking great steps to provide a secure physical and logical environment, we recognize that the risk of a data leak or data breach cannot be completely eliminated.

How do I mitigate risks for my company resulting from a data leak or breach, in which some of this sensitive information is exposed? Which insurance companies are in the forefront of this evolving area?

Shelia Cockburn

August 19th, 2015

As an attorney, I can tell you that insurance is not enough to be pro-active against cybersecurity. You must implement a policy (and train from C-level to staff) that addresses: risk, recognize, analyze, mitigate, recover, etc. Contact me offline if you would like my assistance. 

Lawrence Lerner Digitalization and Transformation Coach

August 19th, 2015

Mark, there are a lot of steps you can take to work with insurers and partners. A key component is how they can also help you with communications, messaging and the breach response. Pre-planning and knowing what will be, may be paid for is something that will give you piece of mind.

I'm happy to provide an introduction to one of the insurers I work with here in Seattle.

Feel free to ping me off list.

Cheers

Glenn Donovan Vice President of Sales (fractional)

August 19th, 2015

While I realize you were asking for insurance solutions, have you considered a more advanced encryption approach in which your clients own the keys? Where you are never storing clear data - at rest or in motion or in process? Or even a simpler tokenization? There are some promising products/approaches out there.

The only way to mitigate the risk effectively is to never possess PCI data in the clear.

Jules Robbins President, WebCraft ~ Producers of VinesOS and HopsOS

September 25th, 2015

What is the most important thing when considering cyber insurance? My company  handles transactions for wineries and breweries, including batch processed club shipments, however we use tokenization. I'm looking into cyber insurance, and whether it is something we should have on top of that. Greatly appreciate advice/feedback. 
Thanks, Jules