When a Data Breach Occurs Will You Be Prepared?
While proper cybersecurity is integral, you should also develop a cyber incident response plan should a data breach occur.
In 2017, large cyber breaches at Yahoo and Equifax were disclosed. Marriott, British Airways, and Facebook were among the companies that fell prey to major cyberattacks in 2018. Inevitably, in 2019, there will be other unsuspecting casualties — small and large corporations alike. Though most still naively believe it cannot or will not happen to their company.
Typically, cyber incidents at large companies make the headlines, but those events are a small percentage of all successful cyberattacks. More often, the victims are small-to-medium sized businesses (SMBs) that do not have appropriate resources to fully protect employees, customers and the company from a cyberattack.
Electronic security and life-safety companies are no different than many companies in other industries. Companies invest money and resources for the latest products that help protect their company and their customers from cyberattacks.
Employees receive training on how to identify suspect emails and how to steer clear of potentially dangerous websites. Product manufacturers incorporate the latest cyber secure technology into their product designs to help protect against breaches when their products are added to a company’s network.
And still, the number of successful cyberattacks and security breaches increases annually. It is not a matter of if, but when an organization will fall victim to a cyber incident. The question is: are you prepared?
Tighten Up Defenses, Develop a Strong CIRP
USI Insurance Services cyber and technology risks experts are frequently asked by companies to recommend the best cyber insurance protection. The answer depends on a variety of factors, including a company’s appetite for risk retention versus risk transfer, its greatest cyber-related concerns, and which assets are most at risk from a breach.
Still, there are three essential steps that can help companies shore up their cyber defenses:
- Develop a cyber incident response plan (CIRP)
- Review insurance coverage regularly
- Minimize business interruption
Recent studies show that the longer it takes to detect, respond and contain a cyber event, the higher the financial impact. The 2017 data breach at credit reporting bureau Equifax serves as an excellent case study.
Equifax, following one of the largest cyberattacks in U.S. history, was paralyzed by indecision and poor response execution. According to cybersecurity experts, Equifax, which lost a total of $439 million due to the data breach, had not invested in proper incident management, did not have an effective CIRP and lacked any policies and procedures to guide response requirements.
Developing a strong CIRP is crucial. During a cyber incident, many organizations rely on one or two key people with institutional knowledge to provide guidance and make critical decisions.
This approach can disrupt incident response plans, leading to a failure if those decision-makers are not immediately available. Additionally, a good CIRP plan should contain a solid incident communication strategy that covers compliance-related issues, media communications, internal communications as well as timeframes and guidance for disclosing the incident to affected parties.
Review Insurance Coverages
Have you conducted a thorough review of insurance coverages? The 2019 AppRiver Cyberthreat Index for Business Survey found that nearly two-thirds of executives at U.S. SMBs are more concerned about suffering a major data breach than other traditional disasters.
Additionally, recent studies have found that six in 10 SMBs go out of business within six months of a successful cyberattack.
Simply asking your insurance broker or agent if your organization has cyber liability coverage is not enough. It is important that management have a clear understanding of individual coverage details, including the type of cyber occurrence covered; the policy language used (does it list the types of occurrences covered or provide more liberal interpretation of what constitutes a cyber breach); and the amount of sublimits in place (per incident or as an aggregate).
Assess Ability to Recover
Determining the actual financial impact of a cyber breach can be difficult as there are many costs and liabilities that come to light after a breach has been discovered. Oftentimes executives underestimate the time it takes to get their businesses up and running to pre-breach productivity levels.
An honest and in-depth assessment of the business’ ability to recover fully is essential — critical to both the integrity of the CIRP and to determine the amount of business interruption insurance coverage needed under a general liability and/or standalone cyber liability policy.
As cyber threats continue to morph, USI cyber experts are working with organizations of all types to create solutions that can effectively address known and emergent risks, in conjunction with negotiating and placing market leading cyber insurance coverage. Learn more at usi.com.
Rob Tockarshewsky is Vice President, P&C for USI Insurance Services.
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!