Cybersecurity is on the mind of every business leader today – and for good reason. In 2020, the FBI’s Internet Crime Complaint Center reported a surge of 3,000 to 4,000 cybersecurity complaints every day, compared to just 1,000 per day before the pandemic. At one point last year, Google said that it observed 18 million daily malware and phishing emails.
With threats increasing so rapidly, decision makers are eager to implement strategies for mitigating their risks and lessening the potential damage to their business from a cyber incident. Leaders should not overlook the role of their insurance broker in addressing cyber risks. A broker can help a company map its cyber risks and identify appropriate, cost-effective ways to transfer risk, as well as offer guidance and assistance in the event your organization needs to file a claim.
We have illustrated a hypothetical claim scenario featuring a fictitious company, GTX71, based on our experience working through these incidents. However, it’s important to keep in mind that every cyber attack is unique in its complexity, and each insurance carrier has its own approach to responding to these incidents.
Before the incident
Operationally, GTX71 was as prepared as possible to thwart cyber criminals. The company had worked with its insurance broker to make sure it had the proper policy, with adequate limits, to protect its exposures. GTX71 also practiced cyber incident scenarios, so the organization knew how to respond to protect its systems, finances, and reputation.
During the incident
Despite its best intentions, GTX71 was tripped up by an issue that affects so many companies: human error. In fact, Verizon reported that incidents of human error causing cyber issues grew in 2020, citing working from home as a major contributor. In our scenario, a new GTX71 employee received an email that appeared to be from a customer. When he clicked on a link in the email, he inadvertently downloaded a type of ransomware that encrypted all of GTX71’s customer data. Soon after, the company received a demand for money to reclaim access to its files.
When GTX71 executives became aware, they immediately reached out to their insurance broker, an important first step for any organization facing a cyber incident. They knew they were required to make their broker their initial point of contact. The broker responded quickly with a plan to coordinate with the company’s insurance carrier to file a claim and arrange for support.
Working directly with GTX71, the carrier assembled a team of its hand-picked specialists in technology, forensics, legal representation, law enforcement and public relations. They worked quickly to limit the impact of the attack and weigh all the company’s options. GTX71 also implemented the scenario plan they had developed and practiced prior to the attack.
During the response process, the company’s broker engaged with GTX71 and its carrier on a regular basis to ensure the claim was being managed efficiently and progress was being made to remediate the incident.
After the incident
When the urgent situation was resolved and GTX71 regained access to its customer data, the specialists brought in by the carrier stayed on the case. They managed a multi-month “cleansing” phase to ensure the company’s network and devices were free of any malicious software. They also instituted needed changes to GTX71’s security policies, including enhanced training for employees on proper cybersecurity “hygiene” and other best practices.
The company’s insurance broker engaged with GTX71 for a post-mortem meeting to reassess its weaknesses and re-examine its needs for transferring cyber risk. By implementing stronger controls over their IT infrastructure after the loss, the company and its broker helped mitigate price impacts for cyber insurance after the incident and, ultimately, achieved a favorable outcome.
We’re here to help. Our team can help guide you through a cyber risk assessment and discuss the coverages, limits, sub-limits and additional pre/post-loss services that will affect your business’s unique cyber risk. Call 1-800-716-8314 today.
This article is for informational purposes only and is not intended as an offer or solicitation for the sale of any financial product or service. It is not designed or intended to provide financial, tax, legal, investment, accounting, or other professional advice since such advice always requires consideration of individual circumstances. Please consult with the professionals of your choice to discuss your situation.
M&T Insurance Agency, Inc. is a wholly owned subsidiary of M&T Bank.