Cybercrime is expected to account for a loss of $10.5 trillion globally by 2025, according to a recent report from research firm, Cybersecurity Ventures. While many commercial building owners believe their properties are covered from these types of risks through general commercial property insurance policies, cyber event inclusions within blanket property insurance policies likely do not provide the necessary breadth of coverage.
According to a recent whitepaper between JLL’s Property Management group, Red Bison Technology Group and Aon in order for commercial property owners to gain comprehensive cyber protection, they must fully understand the risk of Information Technology and Operational Technology (IT/OT) threats, why comprehensive cyber insurance is necessary to protect against catastrophic loss and how to meet minimum compliance and cyber insurance requirements.
“I frequently have conversations with building owners who remain confused about the risk of OT threats and what is or is not covered,” said Jason Lund, Leader of Technology Infrastructure at JLL. “In the past, this lack of understanding was not researched sufficiently by the owner. Unfortunately, the problem has now become too great to ignore. Much of what we’re doing now is helping our clients think through their OT cyber issues so we can help direct them to providers that specialize in cyber risk mitigation and reduction services. For example, building owners should know the requirements of their accountability for transparency regarding cybersecurity incidents. This is the type of information we want our clients to know is potentially on the horizon, so they can be prepared for it.”
In addition to evaluating cyber security posture and reviewing coverage gaps in current insurance policies, building owners need to also focus on protocols, such as infrastructure architecture, security and training controls, to avoid limiting their coverage capacity from insurers.
According to Joanne Quintal, Cyber Solutions Team Managing Director at insurance broker Aon, this is because “based on the rise of cyber claims that have continued to develop from both frequency and severity, insurers have been forced to reevaluate their underwriting results. In a hard market, premium rates go up and coverage reductions/exclusions are added. In this environment, insurers are keenly focused on identifying and evaluating the adequacy of individual cyber security profiles. This investigative work can result in insufficient coverage capacity for a buyer if sufficient cyber security protocols are not in place.”
To effectively meet the necessary requirements in obtaining cyber insurance, Dave Cahoon, CTO at Red Bison, advised that “it is important to consult with an expert that understands the unique needs of commercial real estate and how to most effectively mitigate risks that exist within building and campus digital infrastructures.”
Cahoon’s recommended approaches include evaluation of access to all ingress and egress points, deployment of the right network platform, such as a Zero Trust Network Access (ZTNA) and an overall ease and use of management of IT/OT systems to mitigate the risk of impacting digital transformation productivity gains.
JLL’s 2,300 property management experts in the U.S. provide comprehensive real estate services in more than 3,800 buildings totaling more than 745 million square feet.
Image licensed by unsplash.com