Menu
Cybersecurity and data protection are now national security issues impacting all U.S. businesses, no matter the size. China and other nation-states, as well as organized and disorganized criminals, are stealing intellectual capital, personal and business information, and creating havoc in business environments. No one is immune, and approximately 60% of small businesses that are hacked never recover. It is time to take this seriously and protect everything valuable to us and our nation. We are at war, act like it.
Cyber and Data Breach Liability Insurance: Protecting Small Businesses and Our Nation
White Paper on the Value of Cyber and Data Liability Insurance for Small Businesses
This document is for small and mid-sized businesses who are considering acquiring “cyber and data breach liability insurance” to protect themselves against the increasing velocity and complexity of cyber and data breach attacks.
There is a appendix for the CMMC
It is also for larger businesses and governments to help them understand the value of the insurance for their contractors and extended supply chain members.
Some may wish to require subcontractors and suppliers to have proper Insurance in place, as a stipulation to providing goods or services to them. The paper is in the CMMC section.
Please provide feedback associated with this living document!
This white paper is a living document.
We are looking for germane contributions associated with the following topics contained in the body of work. .
- What is Cyber and Data Breach Liability Insurance
- What to Look for in an Offering
- Suggested Requirements
- Examples of Underwriting Questions
- Sample Requirements for Contracts
- Value to the Cybersecurity Model Certification (CMMC)
We would also like to hear of new topics associated with insurance.
Please send comments to insurance@rightexposure.com
A special Cybersecurity and Data Liability Insurance policy is available for small businesses Here ->
Large Organizations are Small Organizations Too
Large public and private organizations are comprised of big, medium and small organizational components. Sharing a common understanding and unified messaging is critical to delivering business/mission value and security.
Small and mid-size businesses are the largest group of employers. Thinking of large organizations separately from this group ignores very important opportunities to increase business value and security because they are all connected and interdependent.
FTC Guidance for Cyber
The Federal Trade Commission easy to follow guidance for small businesses.
Note: The FTC is going to update and release new guidance Oct 18th.
Is Your Business Prepared for an Emergency?
Is Your Data?
When an emergency strikes, your business’s most vulnerable asset may not be in the stockroom or warehouse. It could be the data that has been central to your success. The FTC has six steps you can take to help protect your company’s information from the unpredictable.
Secure Paper, Physical Media, and Devices
High-profile hackers grab the headlines. But some data thieves prefer old school methods – rifling through file cabinets, pinching paperwork, and pilfering devices like smartphones and flash drives. As your business bolsters the security of your network, don’t let that take attention away from how you secure documents and devices.
FTC law enforcement actions, closed investigations, and experiences we’ve heard from businesses demonstrate the wisdom of adopting a 360° approach to protecting confidential data. As Start with Security suggests, securing paper, physical media, and devices is an important part of that strategy.
NIST 800-171 Controlled Unclassified Information
The protection of Controlled Unclassified Information (CUI) resident in non-federal systems and organizations is of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully conduct its assigned missions and business operations.
NIST releases 1.1 Roadmap to the NIST Cybersecurity Framework
Product or service to help Business Risk Management including Cybersecurity
Federal Communications Commission on Reasonableness
By clarifying that our standard is one of “reasonableness” rather than strict liability, we address one of the major concerns that providers—including small providers and their associations—raise in this proceeding.
Mitre Releases Supply Chain Guidance for DoD
“Deliver Uncompromised”
"If we guard our toothbrushes and diamonds with equal zeal, we will lose fewer toothbrushes and more diamonds."
"It is super invigorating to work with team members who have a singular focus which is driving greater value through greater product and capability out to the business." para phrasing his the rest of his comments: 'no body wants to do cyber or tech for the sake of tech. They want to solve a problem, that is real invigorating."
“If you’re asking me if I think we’re at war, I think I’d say yes”…We’re at war right now in cyberspace. We’ve been at war for maybe a decade. They’re pouring oil over the castle walls every day.”
Pages
- CMMC
- Botnet Guidance
- DHS Cyber Essentials
- CMMC Updates
- Insurance
- DHS ITC Supply Chain Task Force
- GDRP
- First Steps Landing
- 404
- DoD CMMC
- Cyber Insurance Guidance
- Small Business Support
- About
- NIST 800-171 Conference 2018
- Emergency Preparedness
- Secure Paper Media Devices
- Secure remote access to your network
- Secure Passwords Authentication
- Risk Management Framework
- Cyber Security Month
- National Cyber Strategy
- RightExposure-Home
- Internet of Things
- NIST 800-171
- Secure Remote
- Defense Contractors
- Federal Trade Commission Cybersecurity Videos
Categories
Contact Us
Phone 202 839-5563 – – email sustainable@rightexposure.com
Cyber liability and Data Breach Consulting
About us
Phasellus sodal dictum dolor quis fringilla. Nunc accumsan velit sit amet enim maximus solsodales.
Our mission
Help small businesses understand t
Our offer
- sed accumsan enim rutrum
- Etiam fringilla lobortis
- Aenean iaculis magna