In today’s special episode of IT in Plain English, Tammy Ven Dange chats with Susie Jones, the CEO of Cynch Security, as we answer the question, “What is cybersecurity insurance, and why is it important for Not for Profits?“
Here’s the transcript of this interview:
On this special segment of “IT in Plain English,” I welcome Susie Jones, the CEO of Cynch Security, as we discuss cybersecurity insurance. Suzy, thank you for joining me today. Thank you for having me. For those people that are not familiar with Cynch Security, what does your company do?
We’re all about cybersecurity. For small business, we talk about it being cyber fitness, just like physical fitness. So, we have solutions to help even the smallest of businesses to build cyber resilience.
Do you (support) Not for Profits as well?
Absolutely, we do it for anybody that doesn’t have the time, the resources or the budget of big companies.
Okay. Well, the reason why I invited you today is because I know that you actually have a background in insurance as well, before you started the company. And so, I thought it’d be timely with all the latest breaches, especially here in Australia, that it’d be worth having a conversation about cybersecurity insurance.
So, first of all, what is cybersecurity insurance?
It’s an insurance policy that covers you for the cost of having to deal with a cyber incident, whether it be ransomware or a data breach. And helps you recover the costs of loss income, as well as the direct costs of having to deal with the actual incident. It also provides you with access to experts that can help you respond to the incident in a timely fashion. So, brands and experts, lawyers, PR, whomever it is that you might need.
And for those who are not familiar with it, I know I’ve had some Not for Profits recently that I’ve talked to that didn’t have it or didn’t see a need for it.
Why would you recommend (cybersecurity insurance) for even a Not for Profit?
I think in today’s day and age, with the frequency of data breaches and also the size, that it’s just as important as having public liability insurance. Just like you insure your house from burning down, you need to insure your technology from an incident that, as we’re seeing, is more and more likely to occur on any given day.
And I also know that I’ve read, especially in the United States, that it’s actually getting harder for organisations and companies to get cybersecurity insurance. They have to follow some rules to be able to demonstrate that they’re actually trying to protect their assets. Do you think that’s something that’s happening here in Australia as well?
Absolutely! In fact, it’s actually worse here in Australia than what we’re seeing overseas. Particularly because the number of businesses that purchase cyber insurance here in Australia is far lower than overseas. So, the premium pool is lower.
But just like when you purchase house insurance, you need to prove that you have locks on your windows and on your doors. It’s similar with cyber insurance, you need to prove that you’ve done something to protect yourself before an insurance will actually pay in the event of a breach.
And so what are some of the criteria that they (insurance companies) might be looking for?
So they’re looking for basic access controls, making sure that you know what it is that you actually have in terms of data, making sure that you’re not just publishing things to the internet and making sure that you’re using encryption, where it’s needed and required. So really, the basics is what they’re after. But these days, they are also starting to ask an even longer list of questions.
So, any advice that you would give Not for Profits, not only about cybersecurity insurance, but cybersecurity in general?
I think it’s really the time to take stock of what it is that you have, whether it be the data that you have, the systems that you use, just really assess what it is that you have, and then systematically work through to control what you can. It’s no longer time to sit back and say, well, we didn’t have the budget. Now’s the time to get on top and do whatever you’re giving yourself and look at purchasing cyber insurance. It really can save you in times of crisis.
Thanks for that. If people want to know more about what you do and get a hold of you, what’s the best website for them to go to?
Yep, so our website is cynch.com.au. And we have a lot of free resources, a lot of blog posts on there, and you can check out our solutions as well.
Okay, thank you. Susie. Thanks for being on the show today, and I really appreciate this advice.
—
So, there you have it in plain English.
If you have an IT question you want answered, feel free to connect with me here on my website or on LinkedIn and send me a message. I just might answer it on this show.
Sign-up here to subscribe to the “Executive with a Cause” newsletter.
Tammy Ven Dange is a former charity CEO, Not for Profit Board Member and IT Executive. Today she helps NFPs with strategic IT and data decisions.