By Roberta Anderson and Nickolas Milonas
Given the prominence of recent cyber attacks, the importance of comprehensive cyber security policies in both the private and public sectors has received increased attention. As part of a comprehensive approach to cyber security, cyber insurance can be a critical tool to identify and mitigate an organization’s data risks. However, the wide range of potential risks faced by different organizations and the lack of standardized policy language in this emerging field can make selecting an appropriate policy difficult. In light of these challenges, we recently developed a list of five key issues to consider when selecting a cyber insurance policy, including identifying an organization’s risk profile, checking against an organization’s existing policies, purchasing cyber insurance as-needed, covering third-party cloud providers, and recognizing the physical aspect of cyber security.