Over the past few months, we have spoken to insurers and our customers about the difficulty organizations face in qualifying for cyber insurance coverage and obtaining affordable rates. This is due to a number of factors, including:
- The increasing frequency and severity of cyber attacks
- The rising cost of cyber claims
- The complexity of cyber insurance policies
We recently found out that a prospective customer had a massive outage in their data center earlier this year and, when they were audited, it became clear that they weren't testing their data center recovery plans as required by regulators and their insurer. Because of this audit, the prospective customer would potentially be fined if they didn't comply by a certain time. Also, they needed to prove to both the auditors and their insurance carrier that they were doing everything required to be more resilient. Needless to say, they are now a Cutover customer and put Cutover on their cyber insurance application as proof that they are trying to be more resilient.
This scenario is likely a common occurrence across the spectrum of enterprises that cyber insurers deal with on a daily basis. Because of the frequency and volatility of cyber attacks, cyber insurers require some evidence that the organization has a plan in place to respond to and recover from a cyber attack. Cyber insurers want to make sure that the organizations they insure are taking steps not only to defend their systems, but also to mitigate their risk and minimize the damage caused by a cyber attack.
Cyber insurers require a cyber recovery plan for several reasons:
- To assess risk. A cyber recovery plan can help cyber insurers assess the organization's risk of a cyber attack and its potential impact. This information is then used to set premiums and determine coverage limits.
- To verify preparedness. A cyber recovery plan demonstrates that the organization is prepared to respond to and recover from a cyber attack. This is important to cyber insurers because it reduces the likelihood of a large payout.
- To encourage best practices. Cyber insurers require cyber recovery plans to encourage organizations to adopt best practices in cybersecurity. This includes having regular, air-gapped backups, testing cyber recovery procedures, and training employees on cybersecurity awareness.
If you are considering purchasing cyber insurance, it is important to check with the insurer to understand their requirements for a cyber recovery plan. An automated cyber recovery plan demonstrates that the organization is serious about cybersecurity and that it has a well-structured plan that orchestrates people and technology tasks to get the business back on its feet quickly if its defenses are penetrated.
The team at Cutover can help you develop a comprehensive and automated cyber recovery plan that meets the requirements of your insurer and your organization's specific needs.
Cutover’s dynamic, automated runbook technology provides benefits for cyber recovery in four key areas:
- Precision orchestration: Cutover runbooks provide consistency across complex critical architectures. It’s unlikely you’ll be able to anticipate all the steps needed in any given cyber scenario, and you may need to adapt your plans. But you still need a level of precision in the orchestration of who does what and when, what order it gets done in, and what integration you need to kick off an automation at any time.
- Reduced risk: Connect your people, tools, and systems on a single platform. If you’re relying on manual ways to orchestrate the process, you’re much more reliant on individuals as single points of failure or knowledge rather than having that knowledge codified in a repeatable way. Cutover runbooks reduce the risk of manual error, take the cognitive load off individuals, and help you ensure you have the best possible plan ready to go.
- Integrations and automation: Integrate and automate your core IT technologies. Organizations have invested a lot in automation, but it’s sometimes buried. Cutover runbooks are how you surface that work and make it usable and repeatable.
- Real-time dashboards and audit trails: Cutover runbooks provide a central point of reference and control for continuous improvement and for proof in regulatory or cyber insurance audits. If you have steps codified and a way of capturing what happened and when, you reduce the overhead of giving visibility to whoever needs it, whether during the recovery or after.