For businesses of all sizes, the threat and financial impact of a cyberattack is rising. Many businesses are looking to cyber liability insurance to help. But the increasing demand for cyber liability insurance, and a tightening supply, has resulted in soaring premiums and a stricter approval/renewal process. For instance, according to Marsh’s November 2021 Cyber Market Report, average U.S. cyber premium rates have increased by 174%.
Dealers are now experiencing a dramatic increase in the scrutiny insurers are taking to determine the insurability of a dealership. Dealers are finding themselves having to provide documentation and answer a growing set of questions to demonstrate to insurers that they have cybersecurity best practices in place. More specifically, insurers want to verify that dealers do the following:
- Use commercially available firewall and anti-virus protection.
- Use intrusion detection software.
- Perform ongoing employee security training.
- Encrypt data both in-transit and at rest.
- Perform continuous threat monitoring.
- Regularly patch and upgrade systems and application.
- Have an incident response plan in place.
- Backup data offsite.
- Have someone with cybersecurity training and certifications in charge of cybersecurity.
- Have procedures in place to comply with laws governing confidential information.
- Have a security operations center (SOC).
- Have specific steps that are taken to detect and prevent ransomware attacks.
- Have multi-factor authentication (MFA) implemented.
Your answers to these and other similar questions will determine whether you can secure cyber liability coverage and the rates that you will pay. Many of these questions are related to the best practices required in the new FTC Safeguards Rule.
Both the FTC and cyber liability insurers are pushing dealers to implement cybersecurity best practices. This is a good thing. The widespread implementation of these best practices is long overdue. By implementing these proven and effective cyber defenses you will mitigate your risk of a successful cyberattack and better protect your dealership’s systems, data, finances, and reputation. If you need help, let us know.