Cybersecurity is on the mind of every business leader today – and for good reason.  In 2020, the FBI’s Internet Crime Complaint Center reported a surge of 3,000 to 4,000 cybersecurity complaints every day, compared to just 1,000 per day before the pandemic. At one point last year, Google said that it observed 18 million daily malware and phishing emails.

With threats increasing so rapidly, decision makers are eager to implement strategies for mitigating their risks and lessening the potential damage to their business from a cyber incident. Leaders should not overlook the role of their insurance broker in addressing cyber risks. A broker can help a company map its cyber risks and identify appropriate, cost-effective ways to transfer risk, as well as offer guidance and assistance in the event your organization needs to file a claim.

We have illustrated a hypothetical claim scenario featuring a fictitious company, GTX71, based on our experience working through these incidents. However, it’s important to keep in mind that every cyber attack is unique in its complexity, and each insurance carrier has its own approach to responding to these incidents.

Before the incident

Operationally, GTX71 was as prepared as possible to thwart cyber criminals.  The company had worked with its insurance broker to make sure they had the proper policy to protect their exposures with adequate limits. GTX71 also practiced cyber incident scenarios, so the organization knew how to respond to protect their systems, finances, and reputation.

During the incident

Despite its best intentions, GTX71 was tripped up by an issue that affects so many companies: human error. In fact, according to Verizon, incidences of human error causing cyber issues grew in 2020, citing working from home as a major contributor.  In our scenario, a new GTX71 employee received an email that appeared to be from a customer. When he clicked on a link in the email, he inadvertently downloaded a type of ransomware that encrypted all of GTX71’s customer data. Soon after, the company received a demand for money to reclaim access to their files.

When GTX71 executives became aware, they immediately reached out to their insurance broker, an important first step for any organization facing a cyber incident. They knew they were required to make their broker their initial point of contact. The broker responded quickly with a plan to coordinate with the company’s insurance carrier to file a claim and arrange for support.

Working directly with GTX71, the carrier assembled a team of its hand-picked specialists in technology, forensics, legal representation, law enforcement, and public relations. They worked quickly to limit the impact of the attack and weigh all the company’s options. GTX71 also implemented the scenario plan they had developed and practiced prior to the attack.

During the response process, the company’s broker engaged with GTX71 and its carrier on a regular basis to ensure the claim was being managed efficiently and progress was being made to remediate the scenario.

After the incident

When the urgent situation was resolved and GTX71 regained access to its customer data, the specialists brought in by the carrier stayed on the case. They managed a multi-month “cleansing” phase to ensure the company’s network and devices were free of any malicious software. They also instituted needed changes to GTX71’s security policies, including enhanced training for employees on proper cybersecurity “hygiene” and other best practices.

The company’s insurance broker engaged with GTX71 for a post-mortem meeting to reassess its weaknesses and re-examine its needs for transferring cyber risk. By implementing stronger controls over their IT infrastructure after the loss, the company and its broker helped mitigate price impacts for cyber insurance after the incident and, ultimately, achieved a favorable outcome.

We’re here to help. Our team can help guide you through a cyber risk assessment and discuss the coverages, limits, sub-limits and additional pre/post-loss services that will affect your business’s unique cyber risk. Call 1-800-716-8314 today.




This article is for informational purposes only and is not intended as an offer or solicitation for the sale of any financial product or service. It is not designed or intended to provide financial, tax, legal, investment, accounting, or other professional advice since such advice always requires consideration of individual circumstances. Please consult with the professionals of your choice to discuss your situation.

M&T Insurance Agency, Inc. is a wholly owned subsidiary of M&T Bank.

Insurance Products offered are: Not FDIC insured; Not a deposit in, obligation of, nor insured by any federal government agency; Not guaranteed or underwritten by the bank; Not a condition to the provisions or terms of any banking service or activity.

Insurance products are offered by M&T Insurance Agency, Inc., not by M&T Bank. Insurance policies are obligations of the insurers that issue the policies.  Insurance products may not be available in all states.


Share this page

If you are interested in sending this page to a friend or relative, please enter the following:

* Indicates required fields
+ Add another

No personal information (including e-mail addresses) about you or your friend will be collected from this e-mail notification feature offered by M&T Bank.

Please Note:

By clicking "ok" below, you will leave and enter a Third-Party Website.

Tenga en cuenta que:

Al hacer clic en “Aceptar”, abandonará e ingresará en el sitio web de un tercero.

Please note that:

  • The Third-Party Website is governed by a different set of terms and conditions and privacy policy than and you should review those terms, conditions and privacy policy prior to reviewing the content of the Third-Party Website
  • M&T is providing a link to the Third-Party Website as a convenience and does not necessarily control the content of, or endorse, the Third-Party Website, it's owner/operator or any information, products or services that are made available on or through it
  • M&T makes no representations or warranties regarding the information, products or services provided through the Third-Party Website

Such Third-Party Website's owner/operator may be regulated by governmental entities and laws that are different than those that regulate M&T.

Tenga en cuenta que:

  • El sitio web de un tercero está regido por un conjunto de términos y condiciones y una política de privacidad diferentes que, por lo tanto, deberá revisar esos términos y condiciones y la política de privacidad antes de evaluar el contenido del sitio web de un tercero
  • M&T le proporciona un enlace al sitio web de un tercero para su comodidad y no necesariamente tiene control sobre el contenido, o se adhiere, al sitio web del tercero, su propietario/operador o ni a ninguna parte de la información, producto o servicio que se ofrezca a través de él
  • M&T no ofrece declaraciones ni garantías respecto de la información, productos o servicios prestados a través del sitio web de un tercero

El propietario/operador de ese sitio web de un tercero podría estar regulado por entidades gubernamentales o leyes que son diferentes a aquellos por los que está regulado M&T.