<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1354242&amp;fmt=gif">

Cyber Risks vs. Insurance: Where Do They Intersect?

The Relationship Between Cyber Risk & Insurance

Some commercial insurance categories map intuitively to the vulnerabilities that could trigger them. Not having a sprinkler system increases the risk of catastrophic fire, and such a fire in a factory will clearly cause loss of property and interruption to business operations. It's easy to draw the line from sprinklers to property and BI risk.

Other times, risks themselves can be hard to understand, and therefore hard to map to insurance exposure. Even if you know something about a company’s IT vulnerabilities, it can be hard to know exactly how, for example, a poor software patching regimen impacts the threat of ransomware and therefore potential losses resulting from dealing with a ransom situation. What is software patching, anyway?

Risk Exposures: Explained

Making matters worse, many IT security exposure categories map to multiple possible insurance risks. To make sense of these complicated interactions, we put together a document that provides a basic overview of how common IT exposure categories map to insurance risks. 

 

[INFOGRAPHIC] Risk Exposure Explained

 

The Corvus Scan identifies eight primary categories of risk exposure: Software Patching, Web Encryption, Email Security, Web Applications, Threat Intelligence, Defensibility, System Hosting, and DNS Security.

Our infographic explains how all of these eight categories may potentially relate to an insurance policy. For instance, poor email security can lead to a bad actor gaining access to an organization’s sensitive information. Poor system hosting might allow a hacker to shut down an organization’s website, leading to an interruption of business. It’s all connected, and it all goes back to your risk exposure.

Recent Articles

Women in Cyber: Advice from the Field


In honor of Women’s History Month, we connected with women making significant contributions to cyber to collect career advice, lessons from the field, and...

Law Enforcement Can Help in a Cyber Crisis — But Prevention is Even Better


Law enforcement is thwarting threat actors on the dark web. But what can organizations do to lay a strong security foundation (with or without the FBI's...

What’s Next in Tech E&O: What Corvus Underwriters Are Seeing


Corvus’s Tech E&O underwriters are keeping an eye on what’s next for the Tech E&O market. Learn more about their insights.