What can organizations do to lower their cyber insurance premium (apart from switching providers)?

Security Strategy & Roadmap Governance, Risk & Compliance

1.4k views2 Comments

Sort by:

Principle Consultant in IT Services2 years ago

Start working with your insurance company and understand what they are looking for in your security program and build it.

Director of Information Security2 years ago

They should perform BIA and identify cost associated with critical risk if not mitigated to evaluate the total value of cyber risk based on which they can take the cyber insurance. There are many other means but the simplest one is to start performing Business Impact Analysis.

Content you might like

What are your preferred tactics for building effective collaboration on cross-functional teams involved in AI governance and risk management (e.g., joint steering committees, shared KPIs, etc.)? Which roles are currently involved?

How have you adjusted the architecture of your controls for data, identity and access to better support AI governance and security?

Does your org do anything for Data Privacy Week?

Yes (tell us about it in the comments)53%

No but we should39%

No7%

View Results

I'm looking to go for the Certified CISO certification & training as I'm an aspiring CISO. Any recommendations and additional certifications that I should be doing along with that? I already have CISSP.

What's the biggest IoT security vulnerability today?

Weak passwords8%

Lack of consistent update or patch processes37%

Unsecured network services37%

Outdated or unsecured IoT app components8%

Unsecured data storage and transfer5%

Something else (comment below)3%