Cybersecurity insurance is a contract that an individual or entity can purchase to help reduce the financial risks associated with doing business online. In exchange for a monthly or quarterly fee, the insurance policy transfers some of the risk to the insurer.

Many companies purchase cybersecurity insurance policies to cover extra expenditures that could result from the physical destruction or theft of digital assets. Such expenditures typically include the cost of notifying customers that a security event has incurred, as well as the cost of regulatory fines.

To qualify for coverage, the individual or entity typically has to submit to a security audit by the insurance company or provide documentation with the assistance of an approved assessment tool, such as that offered by the Federal Financial Institutions Examination Council.

Many cybersecurity insurance policies only cover first-party losses to a company. Some policies, however, may also cover third-party liability losses.

Depending upon the price of the policy, coverage may include first and/or third-party liability for cyberextortion, costs associated with strengthening data security, damages due to corrupt or missing data, damages due to inoperable hardware or software and monetary loss from theft or lost business.

Because coverage is not often for the total amount of damages, many companies choose to buy additional insurance to cover amounts beyond which a cybersecurity policy covers. 

NERC’s monthly newsletter is now available on the NERC website or by clicking here: https://lnkd.in/d3dn39x.

Read about NERC activities in the month of March. Highlights in this edition include:

• NERC, NATF Host Sixth Annual Human Performance Conference and Workshops

• Fourth Reliability Leadership Summit Identifies Key Priorities for BPS

• NERC, CRE and CENACE Sign Memorandum of Understanding.

Firmware is programming that's written to the non-volatile memory of a hardware device. Non-volatile memory is a form of static random access memory whose contents are saved when a hardware device is turned off or loses its external power source.

Firmware, which is added at the time of manufacturing, is used to run user programs on the device and can be thought of as the software that allows hardware to run. Hardware makers use embedded firmware to control the functions of various hardware devices and systems, much like a computer's operating system controls the function of software applications. Firmware may be written into read-only memory (ROM), erasable programmable read-only memory (EPROM) or flash memory. The firmware that is embedded in flash memory chips can be updated easier than firmware written to ROM or EPROM, which makes it more adaptable. 

Today, embedded firmware exists in everything from smartphones to internet of things (IoT) devices so simply that you might not imagine they had computer control. While the firmware in a smart light bulb may not need frequent updates, the firmware on a smart thermostat may need to be updated periodically to remain compatible with smartphone operating system updates. 

Firmware updates are often issued to fix bugs, roll out new features and improve security. Some internet-capable devices regularly check for new firmware and automatically download and install it, while other device manufacturers require the user to visit the manufacturer's website, download firmware updates and install them manually.