Implementing Privacy by Design, Part 5: Cybersecurity Insurance

Any business collecting and processing personally identifiable information (PII) and holding confidential information and trade secrets must consider cybersecurity insurance. If PII is exchanged between businesses, cybersecurity insurance is a standard requirement of cyber risk management. Businesses understand that insurance is a safeguard against the risks and potential costs of an attack and that internal resources may be inadequate to cover potential costs of such an attack.

This program will review the best practices and controls required in order to purchase cyber insurance, including measuring cyber risk from a legal and financial perspective, and reviewing the common questions insurers ask.

Learning Objectives:

1. Map PII, confidential information, and trade secrets

2. Identify best practices and controls

3. Discuss incident response planning

4. Review the insurance questionnaire