CIOReview | November 2023 | Page 9

policies typically cover the following out-of-pocket expenses:

· Data breach event management (this includes the costs of hiring an attorney specializing in data privacy who can advise the company of its obligations, as well as engaging a forensic investigator, offering credit monitoring to impacted consumers, and engaging the services of a public relations consultant)
· Business interruption (this refers to the lost income and extra expenses resulting from an outage to your company's network)
· Cyber extortion loss (this refers to the cost of hiring a threat consultant as well as the payment of ransom, unless such payments are being made to an entity sanctioned by the government)
· Data restoration services (in some cases, policies will also cover the costs of computer hardware replacement, also known as "bricking" coverage), and
· Cybercrime coverage (this reimburses the insured for the losses associated with misdirected payments or uncollectible receivables due to social engineering or invoice manipulation. It can also respond in cases of utility fraud, also known as "crypto-jacking").

Although small businesses have only recently begun to warm up to cyber insurance, the coverage has been essential to the risk management strategy of most large companies for years, and with good reason. A study conducted by IBM and the Ponemon Institute found that the average cost of a data breach in the United States was $4.24 million in 2021, up significantly from $3.86 million the previous year. And data breaches are only one type of cyber event that causes financial and reputational harm to a business.

Because of the steep payments that insurers have made on these claims, the coverage has become much harder to qualify for. In fact, the underwriting process itself can serve as a "gut check" for companies to ensure that they have proper controls in place.
No cybersecurity plan is foolproof, and without a way to transfer the portion of the risk that can never be eliminated, your organization may face costly consequences down the road.

Why Integrate Cyber Insurance into Your Incident Response Plan?

Your cyber insurance policy most likely contains a list of pre-approved vendors (or "panel firms") that you will be required to use in the event of a data breach or other incident. It makes sense to confer with these service providers in advance and even to conduct a tabletop exercise so that everyone understands how the company will respond in the face of an attack. Your insurance broker should have a seat at the table to explain how the coverage might apply to different loss scenarios.

Developing an incident response plan goes beyond knowing whom to call at the insurance carrier's hotline; business leaders should establish procedures for resuming secure communications if the network has been compromised. They should also determine who has the authority to decide whether to voluntarily shut down the network, whether and under what circumstances they would consider payment of a ransom to terminate a cyber extortion threat, and how to message updates to regulators and stakeholders. This information should be stored offline and be readily accessible to decision makers in case their email has been compromised and their files become encrypted.

Additionally, if the company wishes to use a particular service provider (such as a law firm or forensics team) that is not on the insurance carrier's panel, your broker can seek to have this firm added to the policy by endorsement. That is a conversation that should take place with the underwriter prior to there being an incident; it becomes a much harder request to accommodate while an attack is playing out in real time.

The Bottom Line:

Cybersecurity is complicated, and the types of threats businesses face continue to evolve.
However, insurance has a role to play in helping your company identify the preventative measures that can help thwart attacks and make your business more resilient should one occur. Cyber insurance also connects you with qualified service providers who can help your business respond to an event. By taking advantage of this coverage, you can reduce the likelihood and severity of these incidents. Cyber insurance can often provide proactive risk mitigation resources, as well as critical services such as breach response support to help your organization get back up and running quickly should a cyberattack occur.