AXA Cyber Insurance Review
AXA is a leading global insurer that offer cyber cover to companies worldwide. We take a closer look at the protection available to UK businesses and how it compares to their rivals.
About Axa XL
AXA XL is a division of AXA that offers specialised cyber cover in the UK and countries across Europe and further afield.
AXA AL is committed to being a trusted to business owners and directors who want to improve their cybersecurity and protect against cyber threats. They have an expert team on hand to help companies minimize the possibility of attack and damage from cyber breaches.
AXA AL cyber insurance in more detail
AXA’s cyber insurance solutions include a modular cyber and data protection policy designed to fit the needs of your industry sector – for both third-party liability and first-party losses. Some of the key benefits they offer include:
- Flexible coverage: That you can tailor to suit your business, with products that cover privacy, network, media, errors & omissions, and more.
- Proactive risk management: Including clients proactive tools, services, and resources to identify, mitigate and respond to cyber threats.
- Customer-focused claims: AXA’s dedicated claims team is ready to help. They partner with clients to navigate a cybersecurity breach, respond quickly, recover, and keep your business moving forward. Claims can be reported 24 hours a day, seven days a week.
Along with these extensive and flexible coverages, AXA can deliver an array of services to help you prevent attacks and respond quickly and effectively if your business is struck.
Axa AXL Cyber Coverage options
- Data breach security and privacy liability
- Media internet communications
- Business interruption and extra expense
- Loss/destruction of electronic assets
- First party incident responses including IT forensics, notification costs, call centre, and PR expenses
- Privacy regulatory defence costs and coverage of regulatory fines and penalties (where insurable by law) arising from a privacy or security wrongful act
- Data restoration
- Cyber extortion
AXA XL can also add cyber and data protection coverage to communications, media, and technology companies either on a standalone basis or as part of a broader professional indemnity policy.
AXA XL’s pre-breach services help their clients understand the wider cyber landscape and the potential threats they face, as well as determine targeted actions to help improve their overall cyber resilience.
Some of the key features of their pre-breach offering include:
Threat Intelligence (TI) reports. Prospective clients, subject to a minimum premium threshold, can get a free Summary Threat Intelligence report, produced by Accenture Security alongside their cyber quote.
This report includes an outside-in view of both the current cyber risks your company faces, as well as insight into threats impacting your specific industry sector.
Once you’ve taken out a policy you’ll get a full Threat Intelligence report containing more detailed insight and actionable next steps.
How does this help you?
To start with, understanding the latest emerging cyber threats impacting your industry can help you and your business stay ahead of potential threats.
The report also helps highlight any specific threats facing your company, including dark web threats and any infrastructure vulnerabilities you may not have identified.
Finally, it’ll also recommend specific actions appropriate to mitigate against these threats, and vulnerabilities, so you can make practical improvements to the way you work to reduce your likelihood of being the victim of an attack.
Even the most well-prepared businesses can’t guard against all attacks, so understanding how AXA XL can support your company following a breach is crucial – their key offerings include:
Accenture Cyber Incident Response Service through your AXA XL Cyber Insurance policy, clients will have use of Accenture’s Cyber Incident Response Service.
Accenture’s Post Breach Response Service gives AXA XL clients a simple guided process through the stages of a cyber incident, from the initial notification, the investigation, and containment, and through to the restoration and closure of the incident.
How does this help you?
- Clear signposted cyber claims process throughout the whole incident
- Access to the right level of technical expertise, combining cyber resilience insight as well as industry experience
- Rapid incident response capability that supports clients in mobilizing, containing, and cost-effectively resolving incidents.
Post-breach response partners
As part of AXA XL’s Cyber coverage, providing access to best-in-class breach response services with specialized teams who are ready to help 24/7. They specialize in:
- IT forensics
- Incident response
- Forensic accountancy
- Cyber extortion management and payment
- Public relations
- Legal advice/support
- First notification of loss
- Identity protection
- Regulatory notifications
- Public notifications including call centre
What benefits can AXA XL offer me compared to other UK Cyber Security Insurance?
- Security coverage includes confidential business information, personally identifiable information, and protected health information.
- Privacy regulatory coverage covers fines or penalties arising from a privacy or security breach.
- You will receive one coverage grant for a data breach response and crisis management costs. This also includes a voluntary notification including the cost for a PCI investigator to conduct an audit after a breach or suspected breach.
- PCI fine coverage and assessments are available by endorsement.
- Wide range of coverage for a business interruption trigger.
- Partnership benefits include a unique collaboration with AXA XL for cyber insurance and cybersecurity expertise.
- Propositions that continue developing to keep up with emerging challenges businesses are facing.
- A range of recommendations that are tailored to improve clients’ security posture.
Ransomware cover with AXA XL
While nearly any organization or individual could be the victim of a cyber thief, many cybercriminals have started to conduct more ransomware campaigns.
AXA have identified the following businesses as typical targets for cyber:
- Those that rely heavily on technology to generate revenue
- Those that have a significant impact on health
- Those that are unprepared
Defending against ransomware attack
AXA XL recommend a 5 stage approach:
- Identify: First and foremost, all organizations must conduct a thorough risk assessment. This is crucial to help know what data is vulnerable, where it is held, and what risks are associated with it – confidentiality, integrity, access.
- Protect: Back up data regularly and store them offline.
- Detect: When ransomware is installed, it attempts to encrypt all it can, or initiate unusually large, incremental backups. A file integrity monitoring solution (FIM) can help the security team see activity and respond quickly.
- Respond: The faster the response to a ransomware attack, the lower the cost and impact on the business. To respond quickly, your business will need: A well-defined incident response plan that includes specific ransomware responds procedures and a list of questions to understand the breadth of the breach
- Recovery: Fast recovery requires preparation long before a breach occurs. AXA XL recommends a 3-2-1 strategy, which includes:
- 3 copies of your data at all times (1 production copy, and 2 additional backups)
- 2 additional backups on different storage media
- Having 1 of the backups offsite and disconnected from the network (offline)
- Backups should be tested to ensure that all information and applications can be restored.
Ransomware case study
In May 2019, Baltimore found itself fighting off cybercrime – a ransomware attack that hit the city – the second known cyber attack in 14 months.
The business had come to a sudden halt as hackers took control of the city’s computer systems, demanding $76,000 in cryptocurrency ransom.
The city refused to pay, since then, city officials have been working hard to restore systems and employee access, which could take months and could cost over $18 million.
In 2018, hackers disabled Baltimore’s 911 dispatch system. However, there was no ransom demand. Instead, officials worked to isolate the threat and restore systems, which were down for 17 hours. The cost of recovering from that attack is still unknown.
AXA XL Cyber Insurance FAQs
How is the AXA XL virtual security consulting session useful?
The virtual security sessions help you get a deeper insight into the wider threat context in your industry and understand the actionable next steps to improve your security posture.
Are PCI charges included in my AXA XL cyber insurance?
Yes, AXA XL expanded privacy and security coverage to include confidential business information in addition to personally identifiable information and protected health information. You can access more information on the Axa AL website.
How do I contact the AXA XL UK team?
You can contact the UK AXA XL team on +44 (0) 20 7621 4318.
What happens if I discover a breach out of office hours?
As part of AXA XL’s cyber coverage, they provide access to best-in-class breach response services you can report claims 24 hours a day, seven days a week
Once you report your breach your case will be passed to Accenture’s cyber incident response team who will review what’s happened and start your response plan.
How does a Threat Intelligence (TI) Report help to protect my business?
Threat Intelligence (TI) Reports highlighting the specific threats impacting your company, including dark web threats and infrastructure vulnerabilities.