Coalition, a cyber insurance company for small and midsize businesses, announced a full-spectrum coverage to protect manufacturers from property damage, bodily harm, and pollution caused by security disaster, cyber incident, technology failure, or data breach.
“There is currently a significant gap in cyber insurance coverage for manufacturing firms who experience property damage, bodily harm, and pollution resulting from a security failure or breach,” says Joshua Motta, CEO and co-founder of Coalition. “This is a major exposure, especially for these companies that have industrial control systems (ICS) that control physical processes. Coalition’s policy for manufacturers is the first of its kind in the industry to address this gap while also providing coverage for the losses most frequently experienced resulting from external data breaches.”
For high-tech manufacturers, these issues are becoming both more commonplace and more expensive, putting organizations in a “not if but when” situation. Increasingly, cyber criminals are attacking manufacturers, especially small and mid-sized organizations. In fact, manufacturing is the second most targeted industry for cyber attacks, according to a recent report from the U.S. Department of Homeland Security. Meanwhile, 86 percent of cyber attacks against manufacturers are targeted as opposed to being simply opportunistic, the Verizon’s 2018 Data Breach Investigations Report found. Although highly cognizant of the potential costs of natural disasters and other failures, though, manufacturers may not recognize the need for insurance protection around cyber events.
ISACA’s 2018 State of Cybersecurity and 2018 Cybersecurity Culture research, meanwhile, released last summer found that, although three quarters of manufacturing organizations have a program in place to promote cybersecurity awareness among their employees, but only 37 percent believe that their programs are very to completely effective. Further, 47 percent of manufacturing organizations are spending less than $1,000 on average each year on continuing education opportunities for their staff—versus 25 percent in other industries—and nearly one in 10 reported that their enterprises spent nothing on average each year on these educational opportunities. “Though the manufacturing industry has made great strides in addressing security issues, this research illustrates the need for organizations to elevate cybersecurity as a priority to build the foundation of its cybersecurity culture, better secure their operations, and strengthen the global digital economic ecosystem,” says Frank Downs, director of cybersecurity practices at ISACA.
Coalition’s new policy covers manufacturing firms in a number of areas including:
- Supply chain interruption from cyber attacks against the insured or their suppliers
- Invoice manipulation that results in payments being misdirected or fraudulently directed
- Wire fraud losses from payment or delivery of money or securities
- Property damage, bodily harm, and pollution resulting from a security failure
- Costs to replace computer systems, including industrial control systems, damaged in a cyber attack
- Technology disruption that affects operational and industrial controls, hardware, and/or software
Coalition is hoping to address some of the natural friction in organizations around insurance by simplifying the application process. The application consists of four simple yes/no questions, said Shawn Ram, head of insurance at Coalition. “Cyber insurance offerings typically require an application that runs between eight and 25 pages,” he added. “Very few companies purchase it. We’ve built a technology platform that performs a passive outside scan that captures tens of thousands of variables in order to provide a quote. It allows us to generate policy coverages that are unique and valuable to organizations we serve.”
Further, the Coalition insurance offerings comes with a free suite of security tools (including a compromised credential tool, a domain service, social engineering monitoring, etc.) to help organizations put better security practices in place. “We believe the tools improve their cyber risk profile so it benefits everyone,” said Ram. “When a claim occurs (and we do expect that), we deploy a team of engineers to put out the fire and mitigate the damage without eroding insurance limits.”
— Hailey Lynne McKeefry, Editor in Chief, EBN