Using Cyber Insurance for Risk Mitigation

Enterprise security has become a complex and expensive affair. Securing an enterprise requires thorough knowledge of information security, dedicated skills and continuous resolve.  For many enterprises, the first step in security is conducting a risk assessment, then devising plans to reduce or evade the effects of specific risks.
Risks can be addressed in four ways:[1]

  • Risk Avoidance. The costliest way to deal with a risk is to avoid it altogether. 
  • Risk Acceptance. If the cost of handling the risk is more than the risk itself, then nothing is done to address that risk.
  • Risk Limitation. A combination of acceptance and avoidance, some actions are taken to reduce the risk, but the risk may not be completely eliminated.
  • Risk Transfer. An intelligent way of handling the risk is to shift it to someone else. One example of risk transfer is obtaining cyber insurance from a third party.

Read More

About the author: Abdul Subhani