Reducing Liability: Cybersecurity Training, Cyber Insurance, or Both?

cyber security awareness

If you’re not scared, you’re not paying attention. Consider these recent headlines from InformationWeek.com:

  • Average Ransomware Payments Soared in the First Quarter
  • Pandemic Could Make Schools Bigger Targets of Ransomware Attacks
  • Local, State Governments Face Cybersecurity Crisis
  • DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
  • Average Cost of a Data Breach: $116M

Cybercriminals are busier than ever. They’re taking advantage of the disruption caused by the COVID-19 crisis and the fact that many employees are now working from home, many on personal computers.

Cybercrime is costly to your reputation and your bottom line. And that cost is growing: a recent Hiscox survey showed that “losses stemming from cybersecurity threats had grown almost six-fold, jumping from a median cost of $10,000 to $57,000 per company within the reported period (12/24/19–2/3/20).” The report also noted that losses may have been underreported.

How Cyber Insurance Can Help Reduce Costs

 Cyber insurance can lessen costs due to an incident through policies that cover:

  • Restoration or replacement of electronic data
  • Media and website publishing liability
  • Security breach expenses
  • Extortion threats
  • Programming errors and omissions liability
  • Security and data breach liability
  • Public relations costs
  • Loss of business income
  • Other areas of risk specific to your business

You’ll notice we said insurance can lessen costs. Cyber insurance doesn’t reduce your liability or your risk—it forces you to maintain proper security and most policies preclude coverage if you don’t.

How Cybersecurity Training Helps Reduce Risk

Security awareness programs can reduce risk by strengthening one of the areas most vulnerable to attack: your employees. The Insider Data Breach survey 2019 reported that although 92% of employees stated they had not done anything malicious, over 75% of executives believed that employees accidentally put company data at risk.

Cybersecurity training can help employees understand what dangers to watch for and what safety measures to put in place. For example, a phishing awareness program can go a long way toward providing better security: according to Verizon’s 2019 Data Breach Investigations Report, phishing was involved in 32% of data breaches.

To be effective, cybersecurity training must be more than a one-time event. Ongoing security awareness programs that provide information, updates and reminders on a regular basis are much more likely to keep security top of mind for your employees.

Cyber Insurance vs. Cybersecurity Training

 Which is best for your company? Consider your risk and your appetite for risk. Additional considerations might also factor in to your decision, like untrained employees who handle a lot of sensitive data, or contracts that require your business to carry cyber insurance. The best choice, of course, is both. Cybersecurity training can mitigate your liability, and insurance can lessen any financial blows that result from an event.

Our Security Awareness Program Mitigates Liability by Changing Employee Behavior

Alterity’s cybersecurity courses support long-term change while keeping employees updated about the newest threats. We provide monthly lessons with different topics, and the information is offered in a variety of formats to suit every learning style. All of our cybersecurity modules are available 24/7 and can be completed from home or the office.

Make your business safer with us. Sample our course offerings on our On-Demand Learning Portal today!