Insurance Not A Stand-In for Safe Practices
DATA PROTECTIONSeptember 27, 2012
Though organizations are increasingly investing in cyber-breach insurance policies, they should be sure to “avoid the hazards of choosing a policy that may not pay out when the worst occurs,” Dark Reading reports. “These insurance policies can’t eliminate risk; they can only help you control and minimize it,” said one expert. “It’s really one arrow in the quiver of those dealing with today’s cyber risks and some of the liabilities that can spring from them.” Insurance should not be a “stand-in” for encrypting sensitive data, maintaining controls over access to databases and monitoring database activity, the report states.