MALVERN, UK: Vigilance can report that Malvern-based cyber security company, IASME Consortium Ltd, has joined forces with insurance broker Sutcliffe & Co to launch a combined cyber security assurance and insurance package aimed at the small medium business which it believes is a first in the UK.
According to a spokesperson for the companies, in many industries and professions, businesses are now required to show evidence of approved standards or qualifications along with appropriate insurance before business is transacted, adding while it is impossible to enter a construction site, supply a supermarket, or give financial advice without meeting a range of pre-conditions, the possibility of a cyber threat is currently overlooked for many smaller companies.
The IASME information assurance management standard is an accreditation given to small and medium sized businesses that demonstrate a good level of cyber security. The IASME Certification is available either as a self-assessment version or as one audited by a trained assessor and independent moderator. When combined with a Cyber Liability Insurance policy from Sutcliffe and Co businesses will have a comprehensive level of protection for their organisation and companies they trade with. Sensible risk management like this can help to reduce security risks. This scheme isparticularly beneficial to businesses that use/transfer data and share information within a supply chain.
Duncan Sutcliffe, Director of Sutcliffe & Co said: “The cyber threat is not around the corner, it is already here, we are the ones that need to catch up. I think the combination of assurance with insurance will go a long way to improving the safety and resilience of SMEs in this country."
In the US the supply chain is now commonly asking for confirmation of cyber standards before doing business. Now, because regulations in the US regarding cyber breaches are notoriously tough, approximately 25% of US firms have cyber liability insurance, and it’s likely that similar laws and trends will be seen here in the UK over the coming months. An organisation holding an IASME Certificate will therefore be able to provide assurance to its suppliers and customers that it is safe to do business with them as the cyber threat is being taken seriously. By combining this with a cyber liability insurance policy, organisations can again show their supply chains that the assurance is suitably insured should a loss occur.
David Booth, Founding Director of IASME Consortium Ltd said: "IASME came about because we could see no simple or inexpensive way for SMEs to improve their cyber security accompanied by nationally recognised certificate of assurance. We hope that IASME will allow businesses to become cyber security aware and trade with each other with confidence."
The IASME Certification also requires a business to look at its electronic, physical and human processes in order to make ongoing improvements to its cyber security. Because SMEs have differing requirements and resources, the improvement work can be done internally or via external consultants, and IASME offers differing levels of accreditation standards to suit the business in question.
The launch of the cyber liability insurance package offered by Sutcliffe & Co and supported by IASME certification took today, 13th February and it also featured a presentation by a senior underwriter from leading insurer AIG Europe, who has many years’ experience in the US cyber liability market.
Cyber Liability Insurance cover can include contamination of third party data, breaches of personal or corporate data, accidental or malicious acts, notifications, reputation management, extortion, fines, penalties and expenses. With the average cost of a data breach exceeding $1.50 per record in the US, having the right insurance could soon be invaluable in the UK too.