Free Cybersecurity Assessment

01 May 2022

russian-hacker-protection

Businesses of every size and in every sector are at risk from growing cyber threats—those are just the facts. With awareness of the danger growing, more and more companies are looking at ways to protect themselves when they’re hit with a malware attack or data breach (and I do mean when, not if), which is sensible.  

However, some might think the first step is to take out a cyber insurance policy to guard against the financial fallout from a successful cyberattack, and then figure out what security steps they should be taking to keep their network and data safe from hackers.  

Unfortunately, that process is backwards. 

The reality is that unless your organization has comprehensive cybersecurity controls, policies, procedures and plans in place, you’re not going to be able to even qualify for a cyber insurance policy. Insurance companies aren’t in the business of underwriting reckless behavior. Your insurance application is going to include hard questions about your current cybersecurity maturity, and you’ll need to answer them truthfully to attain valid coverage.  

Want a sense of what major insurers are looking for? Here’s a glimpse of what you can expect. 

Cyber Insurance Underwriting Questions You’re Likely to See 

An insurance application is designed to gather the information necessary to underwrite a given risk. For a cyber insurance policy, that means questions focused on policies, procedures, supporting evidence, incident response plans, and other aspects of your current cybersecurity stance. These include (but aren’t limited to): 

  • Do you have up-to-date, active firewall technology in place? 
  • Are all computers, networks, and mobile devices equipped with up-to-date, active antivirus software? 
  • Do you have a process in place to regularly download and install software patches? 
  • Do you have established backup and recovery procedures for business and customer data? 
  • Do you have an established incident response plan for dealing with a network intrusion? 
  • In the event of a computer system disruption, do you have a disaster recovery/business continuity plan? 
  • Do you have procedures to ensure that any of your service providers who have access to your systems or confidential information have adequate network security controls in place? 
  • Do you have multifactor authentication in place for remote access to email, remote network access, and administrative access? 
  • Are you currently compliant with applicable standards such as PCI-DSS, HIPAA, etc.? 
  • Do you encrypt private or sensitive data in your database or network, while in transit in electronic form, on mobile devices, on employee-owned devices, and while in the control of third-party service providers? 

Additionally, your potential insurer will ask about any losses your business has previously suffered in this realm from a breach. For example, they’ll want to know if you’ve previously had a network or computer system disruption (either from an attack or system failure), if you’ve suffered a data breach, or if you’ve been the victim of ransomware. They’ll also request information on claims, complaints, or litigation you’ve been involved in relating to cybersecurity issues, with all relevant details. 

Sound like a lot? It is! 

But this is how insurance companies do their due diligence to make sure you’re doing yours

Honest Answers Only! 

It may be tempting to answer these questions with what you think insurers want to hear. After all, maybe you’re working on improving your cybersecurity but you just haven’t had the chance to get everything squared away yet.  

I’ve got one word for that—DON’T.  

False information on an insurance application isn’t just a reason for an insurer to deny a claim. In numerous jurisdictions in the US and its territories, knowingly providing false information on an insurance application can lead to civil or even criminal penalties – up to and including prison time! Those optimistic answers could turn into a fraudulent time bomb at the worst possible moment for you and your business, so don’t guess or take any chances! 

The easy way to genuinely protect your business and satisfy your insurer is to call in the experts at Petronella Technology Group, Inc. (PTG). We can address all the cybersecurity and compliance requirements you need to have in place to get coverage, with processes, procedures, and security solutions designed for the unique needs of your business. Our patented 22-layer cybersecurity stack, over 100 years’ combined experience, certified expertise, and innovation keep us—and you—ahead of today’s cybercriminals.  

To find out how PTG can get you the protection you need, contact us here to schedule a free consultation now. 

Schedule an Appointment

Schedule an Appointment

    Our clients are awesome!

    Based on 55 reviews.
    Jeremy Richards
    Jeremy Richards
    2020-03-13
    Petronella provides great advanced digital marketing and automation solutions for my business!
    Kate Swenson
    Kate Swenson
    2020-02-14
    Highly recommended for CMMC certification assistance! Excellent and affordable options for secure data hosting on local infrastructure. 5 stars!
    Tom Matzen
    Tom Matzen
    2020-01-25
    Petronella Technology Group helped us setup our sales and marketing automation, cybersecurity and compliance for our new Blockchain startup. Great to work with! Craig in particular really knows his stuff, can translate into non-tech speak, and has wisdom beyond his years. Highly recommend them.
    Justin Summers
    Justin Summers
    2020-01-14
    Craig is awesome! He is very professional and efficient with his work. I would definitely recommend Petronella Technology to anyone who needs state of the art service.
    Blake Rea
    Blake Rea
    2020-01-14
    Craig is an expert in his field. Impressed by his knowledge, A true pioneer in Cybersecurity. My business is safer thanks to Petronella Tech!
    Robert Friedman
    Robert Friedman
    2020-01-10
    For the last five years Craig has been the Contributing Editor for Cybersecurity for NC Triangle Attorney Law Magazine which I publish. His base of knowledge is always leading edge, pragmatic and early to understand for our readers who are not techies. He is patient and easy to work with.
    Tammy Everett
    Tammy Everett
    2020-01-10
    Craig Petronella, CEO of Petronella Technology Group provided the members of the Defense Alliance of North Carolina expert advice on cybersecurity and NIST compliance. Eye opening experience! Thanks so much!
    Julie Brown
    Julie Brown
    2020-01-09
    Craig and the Petronella Technology Group, Inc. team made HIPAA compliance for my small practice so simple and easy! They helped me with all of my HIPAA training, HIPAA Security Risk Assessment, Penetration Test, and HIPAA secure hosting so I can rest easy.
    Pivot Point
    Pivot Point
    2020-01-03
    Petronella Technology Group helped us with our marketing strategy for our new web startup. Awesome experience!!!!
    Richard Brunet
    Richard Brunet
    2019-12-30
    Top