Skip Navigation
  • Careers
  • Report a Claim
  • Clients
  • Contact Us
  • Employees
Risk Strategies Logo
  • Industries

    • Architects & Engineers
    • Aviation
    • Cannabis
    • Construction
    • Education
    • Entertainment
    • Financial Services
    • Fine Art
    • Healthcare
    • Law Firms
    • Marine & Yacht
    • Nonprofit & Human Services
    • Private Equity
    • Public Sector
    • Real Estate
    • Relocation
    • Transportation
    • Waste & Recycling
  • Solutions

      • Captives
      • Casualty
      • Cyber
      • Environmental
      • International
      • Management Liability
      • Property
      • Surety
      • Employee Benefits Overview
      • Benefit Administration and Technology
      • Benefits Compliance Support
      • Data & Analytics
      • Human Capital Management
      • International Benefits
      • Absence Management & Ancillary Programs
      • Voluntary & Lifestyle Benefits
      • Financial & Wealth Overview
      • Life Insurance
      • Private Client Services Overview
      • Homeowners
      • Collections
      • Umbrella & Excess Liability
      • Auto
      • Boat & Yacht
      • Family Office
      • Specialty Coverages
    • Reinsurance
      • Risk Management Services Overview
      • Analytics
      • Claims Management & Advocacy
      • Loss Control
      • Safety Consulting Services
  • Consulting

    • Consulting Overview
    • Actuarial Services
    • Healthcare Claim Audit Services
    • Health and Welfare
    • Mergers and Acquisitions
    • Pharmacy Consulting
    • Retirement Benefits
  • News and Insights

    • All Insights
    • Blog
    • Emergency Resource Centers
    • Employee Benefits Compliance Center
    • Events
    • Media Coverage
    • State of the Market Reports
    • Press Releases
  • Company

    • About Us
    • Careers
    • Culture and Values
    • Diversity, Equity & Inclusion
    • Environmental, Social, & Governance
    • General Terms of Business
    • Leaders
    • Local Expertise
    • Mergers & Acquisitions
    • Recognition & Awards
    • Risk Strategies Charitable Foundation
    • Transparency and Disclosures
  • Join Us
    • Careers
    • Mergers & Acquisitions
  • Industries
    • Architects & Engineers
    • Aviation
      • Aviation Business Insurance - Manned Risk
      • Non-Owned Aviation
      • Unmanned Aerial System and Drones
    • Cannabis
    • Construction
      • Alternative Solutions
      • Financing & Pre-Construction
      • Insurance Solutions
      • Risk Management
      • Surety
    • Education
      • Employee Benefits for Education
      • Property, Casualty & Liability for Education
      • Student Health & Wellness
        • Student Health Brokerage and Consulting
        • Student Health Plan Administration
        • Student Health Insurance Plans
        • Solutions for Student Athletes
        • Student Health & Wellness Tools
        • Special Risk Insurance
    • Entertainment
      • Film & Television
      • Advertising Production Wrap Ups
      • Advertising/PR
      • Event Cancellation & Non-Appearance
      • Music & Touring
      • Theatrical Production & Live Performance 
    • Financial Services
      • Asset Managers
      • Banks & Non-Bank Lending
      • Collections
      • Consumer Financial Services
      • Financial Tech
      • Insurance Companies
    • Fine Art
      • Artists
      • Artist Endowed Foundations
      • Auction Houses
      • Fine Art Packers / Shippers / Warehouses
      • Galleries
      • Museums
      • Private Art Dealers / Advisors
      • Private Collectors
    • Healthcare
      • Employee Benefits - Healthcare
      • Managed Care / Stop Loss
      • Medical Malpractice
      • Property & Casualty - Healthcare
      • Reinsurance
    • Law Firms
    • Marine & Yacht
      • Boat & Yacht For Individuals
      • Commercial & Recreational Marine Businesses
        • Marine Businesses
        • Sailing Organizations - Burgee Program
      • Jackline Program for Cruising Yachts
      • Mega Yachts
      • One-Design Insurance Program
      • Crew Medical Insurance
      • Sailors Health Insurance Program
      • Travel Medical & Trip Insurance
      • US Sailing Insurance Solutions
    • Nonprofit & Human Services
    • Private Equity
    • Public Sector
      • Public Safety Organizations & Municipalities
    • Real Estate
      • Commercial
      • Community Associations
      • Hospitality
      • Residential / Habitational
      • REITs
      • Retail
      • Specialty Programs
    • Relocation
      • Domestic Household Goods
      • Expat Renters & Living Insurance
      • Relocation Claims Service
      • International Household Goods
      • Supplemental Movers Coverage
      • Temporary Living Insurance
      • Vacant Home
    • Transportation
      • Business Auto Insurance
      • Last Mile Delivery
      • Forwarding & Brokering
      • Workers' Compensation
    • Waste & Recycling
  • Solutions
    • Business Insurance
      • Captives
      • Casualty
        • Analytics
        • Auto Liability & Physical Damage
        • Captives & Alternative Risk Financing
        • Claims Advocacy & Loss Control
        • Excess Liability
        • General Liability
        • Product Recall
        • Workers' Compensation
      • Cyber
        • Cyber Resolute
        • Cyber Risk Assessment and Analytics
        • Cyber Risk Response & Claims Advocacy
        • Cyber Risk Management Platform
      • Environmental
        • Contractors Pollution Liability
        • Environmental Excess
        • Environmental Liability Transfer
        • Environmental Liability - Healthcare
        • Environmental Liability - Higher Education
        • Pollution Legal Liability
        • Environmental Liability - Private Equity
        • Professional Environmental Liability Insurance
        • Real Estate Development
        • Remediation Cost Cap
        • Secured Creditor Protection for Lenders
        • Underground Storage Tanks
      • International
      • Management Liability
        • Management Liability - Entertainment
        • Management Liability - Financial Institutions
        • Management Liability - Healthcare
        • Management Liability - Real Estate
      • Property
        • Builder's Risk
        • Property Claims Services
        • Inland Transit and Ocean Cargo
        • Natural Hazard Catastrophe Modeling
        • Political Violence and Terrorism
        • Property Damage & Business Interruptions Valuations
        • Property Loss Prevention and Control
      • Surety
    • Employee Benefits
      • Employee Benefits Overview
      • Benefit Administration and Technology
      • Benefits Compliance Support
      • Data & Analytics
      • Human Capital Management
      • International Benefits
      • Absence Management & Ancillary Programs
      • Voluntary & Lifestyle Benefits
    • Financial & Wealth
      • Financial & Wealth Overview
      • Life Insurance
    • Private Client Services
      • Private Client Services Overview
      • Homeowners
      • Collections
      • Umbrella & Excess Liability
      • Auto
      • Boat & Yacht
      • Family Office
      • Specialty Coverages
    • Reinsurance
    • Risk Management Services
      • Risk Management Services Overview
      • Analytics
      • Claims Management & Advocacy
      • Loss Control
      • Safety Consulting Services
  • Consulting
    • Consulting Overview
    • Actuarial Services
    • Healthcare Claim Audit Services
    • Health and Welfare
    • Mergers and Acquisitions
    • Pharmacy Consulting
    • Retirement Benefits
  • News and Insights
    • All Insights
    • Blog
    • Emergency Resource Centers
      • Cybersecurity
      • Earthquake
      • Hurricane
      • Pandemic
      • Riot & Civil Unrest
      • Severe Storms
      • Violence & Active Shooter
      • Wildfire
      • Winter Weather
    • Employee Benefits Compliance Center
    • Events
    • Media Coverage
    • State of the Market Reports
    • Press Releases
  • Company
    • About Us
    • Careers
    • Culture and Values
    • Diversity, Equity & Inclusion
      • BeHEARD Series
      • DE&I Structure
      • Employee Resource Groups
    • Environmental, Social, & Governance
    • General Terms of Business
    • Leaders
    • Local Expertise
    • Mergers & Acquisitions
    • Recognition & Awards
    • Risk Strategies Charitable Foundation
    • Transparency and Disclosures
      • General Terms of Business
      • Conflict of Interest Policy
      • Compensation Disclosure
      • Enterprise Risk Management
  • Join Us
    • Careers
      • Benefits & Wellness
      • Investing in Growth & Leadership
      • Life at Risk Strategies
      • Next Steps
    • Mergers & Acquisitions
      • Partnership Benefits
      • Why Join Us?
      • Onboarding & Integration
  • Careers
  • Report a Claim
  • Clients
  • Contact Us
  • Employees

You are about to leave Risk Strategies website and view the content of an external website.

You are leaving risk-strategies.com

By accessing this link, you will be leaving Risk Strategies website and entering a website hosted by another party. Please be advised that you will no longer be subject to, or under the protection of, the privacy and security policies of Risk Strategies website. We encourage you to read and evaluate the privacy and security policies of the site you are entering, which may be different than those of Risk Strategies.

OK
  • News and Insights
  • Blog
April 07, 2023

5 Tips for Managing Cyber Costs in 2023

Cyber
5 min read
Allen Blount, National Cyber & Technology Product Leader
  • Facebook
  • Twitter
  • LinkedIn
  • Email
5 Tips for Managing Cyber Costs in 2023

Your organization’s cyber maturity is a primary factor in determining insurability, coverage amounts, and pricing. A cyber-aware workforce and multi-factor authentication have become table stakes. Without these safeguards, your likelihood of getting a cyber policy is negligible.

Given the ongoing threat of ransomware and other expensive cybercrime, organizations that want the best cyber insurance coverage and pricing will need to demonstrate best practices beyond mere compliance training. As 2023 progresses, it’s safe to expect that insurers will request additional security measures and documentation as part of the underwriting process. Here are five opportunities to strengthen your defenses:

1. Expand endpoint security planning

Hackers will find clever new ways to infiltrate your network through endpoint devices. With edge computing and the proliferation of smart devices that connect to company resources, endpoint security has become exponentially more complex. Medical devices, fire alarms, and other equipment not typically owned by IT now require cybersecurity protocols.

2. Examine the software/platform/infrastructure as-a-service products you rely on

Though SaaS, PaaS, IaaS, and other as-a-service offerings provide convenience and cost-savings, they complicate your security planning and increase systemic risk potential. Have you established a service-level agreement with each provider regarding cybersecurity? No matter what security promises you receive from a vendor, your organization bears ultimate responsibility for protecting data and meeting customer needs. If a breach occurs in a vendor’s network, your customers expect you to have a Plan B.

3. Pause training at your own peril

Employers who are belt-tightening due to the economy often view training as discretionary spending, as opposed to a necessary investment. But people are your first line of defense against cyber threats, and insurers expect your workforce to practice good security hygiene and know what danger signals to watch for.

Additionally, those involved in software development, IT ops, data pipeline management, and other specialty roles need in-depth knowledge of how to spot and correct vulnerabilities. For example, many software development teams are shipping code today with security vulnerabilities. Does your organization include security protocols when defining software requirements? Have you implemented secure coding best practices and trained your teams on these? Are you monitoring compliance to make sure all developers are adhering to the coding standards you’ve established?

4. Look at corporate culture and compensation through a cyber lens

Some executives reward product development speed in a way that compromises cybersecurity. If their bonus depends on getting a new feature to market by a specific date, what prevents them from taking security shortcuts?

If you measure software developers’ performance based on the number of tickets or story points, do they have incentive to focus on cybersecurity?

You need to audit your business to identify practices that may be creating inadvertent cyber risk.

5. Consider the impact of layoffs on cybersecurity

A reduction in force — within your company or at a vendor you use — can open the door to multiple cyber risks. People with institutional knowledge of vulnerabilities can use that information to harm an employer. Handling a layoff poorly, with inadequate notice and impersonal communication, can leave you (or a vendor) with a disgruntled workforce. One upset employee can bring your system down.

The surviving workforce, which is now shouldering a heavier workload, may be tired. Fatigue can lead to human error and oversights, such as failing to monitor open ports or clicking on a malicious link.

If heavy layoffs take place in a compressed timeframe, certain job tasks may sit completely neglected, including those related to security monitoring.

Hackers watch for signs of internal turmoil, and they will pounce on your vulnerabilities. If you’re busy quelling a media firestorm, are you paying adequate attention to your cyber defenses?

From a compliance mindset to a security culture

As authorities crack down on one type of cybercrime, bad actors find new ways to infiltrate your network. Because the human imagination is limitless, the cyber threat landscape will continue to expand and morph.

Instead of viewing security as a checkbox and implementing bare minimum defensive activities, you will need to do more in the coming months to qualify for the best cyber insurance rates and provisions. Together, we can talk through what a security culture looks like and how to get from where you are today to a state of cyber-resilience.

Want to learn more?

Find Allen Blount on LinkedIn, here.

Connect with Risk Strategies Cyber Risk team at cyber@risk-strategies.com.

This blog post is an excerpt from 2023 Cyber Liability: Building cyber resilience in a complex world. Download the eBook Now.

About the Author:

Allen Blount leads the Cyber Team at Risk Strategies. He specializes in both cyber insurance and tech E&O (errors and omissions). Prior to this role, he spent 12 years with Zurich North America, gaining extensive experience as a Cyber and Professional Liability Underwriting Manager. Before his insurance career, he practiced law. 

The contents of this article are for general informational purposes only and Risk Strategies Company makes no representation or warranty of any kind, express or implied, regarding the accuracy or completeness of any information contained herein. Any recommendations contained herein are intended to provide insight based on currently available information for consideration and should be vetted against applicable legal and business needs before application to a specific client. 

Related Posts

See all posts

Here are cyberattack scenarios from restaurants and hotels, plus tips for improving cybersecurity. To get cyber insurance, you need these safeguards in place. (Also, add this alt text: In this photo, a customer’s hand is holding a cell phone a couple inches away from a mobile point-of-sale device. As contactless payment has become more popular, cyberattacks on point-of-sale systems is a growing threat. Hospitality businesses need a cybersecurity and cyber insurance strategy in place for these endpoint devices.
Cyber 11 min read Cybersecurity Risks in Hospitality April 06, 2023
This photo shows a gray laptop with a black screen. Faint blue light emanates from the backlit keyboard. On the screen is a hacker’s malicious code. A slim gray cell phone rests on the keyboard. The cell phone’s screen features a dark blue gradient background with a shield shape above the midline. In the shield is a white padlock. A thick band of white light surrounds the shield. This decorative cybersecurity image reminds small businesses to consider the threat of cyberattacks and the need for cyber insurance.
Cyber 8 min read How Small Businesses Can Avoid Cybe... August 11, 2023

Subscribe via Email

Risk Strategies Logo
  • Report a Claim
  • Clients
  • Contact
  • Employees
  • Terms of Use
  • Cookie Policy
  • Privacy Policy
  • Accessibility
  • Health Plan Transparency Compliance
  • Accessibility
  • Cookie Policy
  • Health Plan Transparency Disclosure
  • Privacy Policy
  • Terms of Use
©2023 Risk Strategies. All rights reserved.

Connect with Us

  • LinkedIn
  • Twitter
  • Instagram
  • Facebook