Whether your team exclusively works remotely, is in-house or a hybrid of the two, Cyber Insurance is an important aspect of your overall Business Continuity program.   As the early days of COVID hit and more employees were sent home to work remotely, bad actors took advantage of various situations and, according to the FBI, U.S. Internet Crime went up a whopping 70% in that single year (2019 – 2020). In fact, ransomware attacks continued to surge in 2021: https://fortune.com/2022/02/17/ransomware-attacks-surge-2021-report/   As a result, it became increasingly obvious that there was a need for broader coverage than basic corporate general liability insurance.  Enter the world of Cyber Insurance.

Cyber Insurance differs from General Liability Insurance, so it’s important to review your policies, or consult with your provider and understand what is included in your specific situation.   Most General Liability policies exclusively cover tangible assets.  In most cases, data is not considered a tangible asset. Additionally, Cyber Insurance does not replace the need for good cybersecurity, nor is it a reason to become lax in your practices, either.  Cyber Insurance is simply an additional tool in an organization’s arsenal to help mitigate damages should something unexpected occur.  Insurance itself cannot protect your organization from phishing attempts, malware, ransomware, hackers, or internal bad actors. You are still your best and first line of defense, so, individuals need to remain vigilant in their practices, irrespective of your insurance status.  If you need a review of your cybersecurity practices, or need cybersecurity training for your organization, please contact your UniVista Account Rep. Cyber Insurance merely helps minimize the financial damages as a result of security breaches and similar situations.  

Though it may be tempting, because “hey, you’re covered”, don’t look at using Cyber Insurance as an excuse to reduce your organizations need for good cyber security practices and keeping systems and software up to date.  In fact, in many cases the cost of your insurance is largely dependent upon the strength, quality and level of your cyber security measures – and, the cost is significant if your cybersecurity measures are found lacking.  Typically, Cyber Insurance requires a “risk assessment” for underwriting.  For smaller companies, a simple questionnaire may suffice.  For larger organizations an actual on-site, detailed analysis, carried out by a third-party specialty firm, may be required.  If you have any questions on how to handle Cyber Insurance risk assessments, please contact your UniVista Account Rep.

Cyber Insurance can cover both first-party and/or third-party damages, and it is important to understand the distinction between the two.  First-party damages would include things your company would face as a direct result of the attack; cost of repairs, data recovery, lost revenue, etc.  Third-party damages would include more broader losses like; legal expenses for privacy lawsuits and/or negligence claims, both from private users and regulatory agencies, in addition to any agency fines which may arise from a breach.  Additionally, third-party coverage may also include benefits for Data Breach Consultants along with specialty PR firm expenses to help with the recovery of your business’s image, to not only your customers, but also the general public.  There’s more than just company down time and recovery time to consider in these situations.

Because online threats will unfortunately continue to be a problem for everyone, it’s important to ensure your organization mitigates its risk in every way possible.  Cyber Insurance is an excellent additional tool to utilize in your Business Continuity plan. Again, if you have any questions on how best to handle cybersecurity, cyber insurance assessments and overall Business Continuity, please don’t hesitate to contact your UniVista Account Rep.

Once again we stress the importance of Business Continuity, or in other words how to ensure your business infrastructure and networks remain safe and accessible irrespective of what disaster(s) take place.  Colocations are an excellent method of maintaining, and accessing, your organizations critical infrastructure and are becoming an increasingly popular means to help manage Business Continuity.

In essence, a “Colocation” is what it sounds like; an additional off-site location that houses your data that can be accessed both physically and remotely.  A colocation facility can be part of your organizations in-house real estate holdings, but in an alternate location and facility.  E.g you may have one office in Austin, Texas and an additional office in Dallas, Texas, or even an out of state location, which is networked together to share and manage your data and online infrastructure.  For example, Microsoft has several locations strategically located throughout the country, so if one location has issues, another can take over.  Obviously, most organizations do not have the same resources, but there are great options for businesses of every size.

If additional in-house offices/locations are neither available, nor a viable option for your organization or particular situation, there are specific facilities available that act as de facto locations for other organizations. These standalone colocation facilities offer organizations space for their data and are networked with your organization to keep your information safe and immediately accessible should something go awry.  They not only provide actual physical space and cooling, but they also provide physical security. Space can be leased based on your needs, whether that be by the server, the rack, the cabinet or cage, or even by private suite. Your organization would merely be leasing the “space” and all that it comes with, but the equipment both hardware and software would be yours, along with it’s maintenance responsibility.  A bonus is that, typically, colocation facilities have several built-in levels of redundancy, both in terms of power and networking connectivity.  In fact, many are generally located in areas that are not subject to power outages e.g. are sharing grid-space with critical infrastructure like hospitals, etc.  Additionally, many have their own back up power sources like generations in case “all else fails”, they also generally employ cutting-edge firewalls and cyber security protocols, as well.

Should something happen in Austin, like the rolling black outs back in Winter 2021, depending on how you have things configured, the alternate location could take over and your network and data is both accessible and safe, essentially with little to no downtime or impact on your organization.

Whether owned space or leased, having a colocation is another critical tool for your business to maintain it’s data, keep it safe, and keep your network accessible when things go wrong.  UniVista has vetted several colocation facilities and can help your organization get a colocation set up. If you have any questions about colocations and how your organization would benefit from a co-location, please contact your UniVista Account Rep.