Insights
INSIGHTS
All Topics
What is cyber insurance (and do I need it)?
19 Aug 2020by Cub Llewelyn Davies
Experts from the NCSC examine how cyber insurance can form part of a wider charity cyber security strategy
Cub Llewelyn-Davies, Charity Sector Lead from the National Cyber Security Centre, introduces the concept of cyber security and examines what place it has within the wider framework of charity cyber security
The charity cyber security landscape has seen a number of changes in the last few months. With a sudden and near-total shift to remote working (and now a more measured transition to blended working) many charities have had to re-examine their existing cyber security practices.
This gives organisations the opportunity to build a more complete cyber security infrastructure: to develop, from the ground up, an integrated cyber security strategy tailored to their organisational needs. We are seeing charities add additional layers of protection to their security, and integrate new solutions into existing frameworks.
One aspect of this framework that you may not have thought of is cyber insurance. This is a form of cover designed to protect your business from threats, such as data breaches or malicious cyber attacks.
The NCSC has issued new guidance for charities on how cyber insurance can form part of a wider cyber security framework.
Related Articles
To help protect your Charity online, the NCSC has developed a series of resources that you can use as a first port of call. It’s vital that the appropriate defences are put in place to protect your charity. We are increasingly being asked complementary solutions such as cyber insurance, and about how these solutions can fit within an organisation’s overall approach to cyber risk.
While we can’t tell you what your exact insurance needs are, we have looked at useful cyber security considerations, and come up with some questions that can help you work out what - if anything - is right for your organisation.
This new guidance is not a buyers guide to cyber security insurance. What it will do is help you decide if cyber insurance could contribute to how you manage your cyber risk.
Some of these questions may help you think about what cyber security defences you already have in place, and what you want to protect the most. Most importantly, buying cyber insurance doesn’t mean you no longer have to worry about cyber attacks. You can protect your organisation by ensuring you have fundamental cyber security safeguards in place, such as those certified by Cyber Essentials, or Cyber Essentials Plus For organisations with turnovers of less than £20 million, achieving either certification now automatically gives you £25,000 limit of cyber indemnity insurance cover.
We have also suggested a couple of questions you may wish to discuss with your insurance broker or provider, to help you understand:
- what services and support are available to deal with a cyber incident
- how cyber insurance could help your organisation get back on its feet, should something cyber-related go wrong
To fully understand what kind of cyber insurance policy is right for you, you need to identify the risks your charity faces. Many organisational risks (such as financial risk or legal risk) have a cyber component to them, so it’s really important to look at cyber security as an integral part of your organisational risks. Good risk management will help you to make better, more informed decisions about your overall cyber security, and help you understand if cyber insurance should be part of that.
More on this topic
Recommended Products
Featured Products
Our Events
Charity Digital Academy
Our courses aim, in just three hours, to enhance soft skills and hard skills, boost your knowledge of finance and artificial intelligence, and supercharge your digital capabilities. Check out some of the incredible options by clicking here.
© 2022 Charity Digital Trust. All rights reserved
