We manage more than a quarter billion dollars of premiums for a diverse range of clients around the globe.
In several of my most recent “Cyber Tuesday” posts, I’ve discussed the importance of developing a comprehensive cyber risk mitigation strategy which includes IT security measures, well thought out incident response, business continuity documentation and cyber insurance. A recent ransomware event at the University of Calgary shifted the focus to the cyber insurance.
When addressing cyber risk and the threat of ransomware most of the time we focus on prevention and mitigation strategies. However, being prepared to respond quickly and efficiently when an event does occur is just as important to operations recovery, cyber event cost reduction, and brand/reputation protection. Having a well-defined, documented, and regularly tested Incident Response Plan (“IRP”) that aligns with your Disaster Recovery/Business Continuity Plan (“BCP”) can help your organization to recover from and remain operational during a cyber breach event.
When considering cyber related risk, many would often think, “How could my organization’s system be breached?” Hopefully, they plan some defense for their server being hacked and purchase Cyber Liability Insurance that covers first party loss. This is all well and good, but it is important to consider the exposure when storing data with an off-site storage provider or granting system access to a vendor/provider of any kind. What if they are hacked?
As it stands today securing a cyber liability policy is almost mandatory for organizations who store any client/customer related data or connect to the internet… which is almost everyone at this point. However, when a cyber breach or related claim occurs, looking to your traditional policies to provide coverage may be worthwhile.
You thought everything was in its right place. Firewalls are properly configured, systems are patched on a scheduled basis, anti-virus is up-to-date… but something has gone wrong and your network has been breached. Your employee or customer’s Personally Identifiable Information (“PII”) has been taken, or worse, been made public…but what happens next?
Ransomware strikes. Your critical data files have been encrypted and your business grinds to a halt. You have the choice to spend countless hours rebuilding from backups (if you were diligent enough to ensure they will work) or you can pay the perpetrator to unlock your files. This is the scenario many, many firms and individuals are facing now that ransomware is spreading like wildfire through malicious emails, “malvertising” campaigns and exploit kits.
One of the most significant cyber threats to any company’s security is the Rogue Employee. Who is this person? Someone who has been entrusted with access to the system(s); (i.e. databases, customer records, HR records, confidential email, etc.) and who chooses to hurt the company and fellow employees by intentionally performing a wrongful act or providing another with the ability to do so.
Ransomware seems to be everywhere and is one of the latest cyber crime tactics being utilized by cyber criminals to extort money from companies. This malicious code can lock or encrypt your network files or PC until a hefty fee is paid. It can infect your PC, server, network files, and or backup systems and can enter your network through an infected email attachment, downloaded file, or a vulnerability in a network service.
Last week, I attended an excellent Enterprise Risk Management (ERM) workshop hosted by NC State University which highlighted the myriad of issues impacting the maturity of ERM within organizations.
