AIG in conjunction with cyber security company IASME Consortium Ltd and insurance broker Sutcliffe & Co has launched a cyber product for SMEs associated with the government’s new Cyber Essentials scheme.
Many businesses are now required to show evidence of compliance with approved standards or qualifications along with appropriate insurance for many aspects of their business. Increasingly this is true for cyber security as larger organisations are asking their suppliers for confirmation of cyber standards before doing business.
The UK Government, through its Cyber Essentials Scheme, is encouraging all businesses to build cyber security into their companies by focusing on five critical security controls. The IASME Consortium offers a self assessed route to Cyber Essentials which will help small businesses demonstrate that they are operating to those requirements.
AIG supports this initiative and SMEs who are able to demonstrate they have reached certain technical control requirements by passing the IASME self assessment will automatically be entitled to the new cyber product which provides a range of benefits including help to:
· meet the costs of notifying customers of an attack and of offering 2 years credit monitoring to customers whose personal data may have been stolen
· cover the costs of repairing IT systems and restoring data following a cyber attack
· pay fines and penalties if insurable under law
· meet costs of PR to restore reputational damage
· meet legal costs incurred as a result of cyber attack
Raheila Nazir, Cyber, TMT Manager for the UK, AIG said: “Often smaller organisations are seen as a back door entry to large organisations by hacktivists, which is why strict contractual obligations are often stipulated. If an organisation can demonstrate they have assessed such risks and taken steps to mitigate them they can stay ahead of the sophisticated nature of cyber attacks which will reassure the organisations they want to do business with."
Nazir added: “There is, therefore, real value in SME’s complying with the Cyber Essentials requirements and attaining certification as it will improve IT security and offer added protection should they suffer a breach of IT security.”
David Booth, Founding Director of IASME Consortium Ltd said: "IASME came about because we could see no simple or inexpensive way for SMEs to improve their cyber security accompanied by nationally recognised certificate of assurance. We hope that IASME will allow businesses to become cyber security aware and trade with each other with confidence."
Mr Booth added: “An organisation holding an IASME Cyber Essentials Certificate will therefore be able to provide assurance to its suppliers and customers that it is safe to do business with them as the cyber threat is being taken seriously. By combining this with a cyber liability insurance policy, organisations can again show their supply chains that the assurance is suitably insured should a loss occur.”
Duncan Sutcliffe, Director of Sutcliffe & Co said: “Cyber threat is not around the corner, it is already here, we are the ones that need to catch up. I think the combination of assurance with insurance will go a long way to improving the safety and resilience of SMEs in this country."