Cyber attacks are growing in numbers and the average cost of cyber attacks is increasing. Because of this, there are more insurers in the market offering cyber coverage while placing the onus on insureds to take the necessary steps in preventing cyber breaches.
Businesses are often unprepared for cyber breaches because of an underestimation of the risk. If a company thinks it will not be a victim of a cyber breach, it will not take the problem seriously enough to implement robust security measures.
Cyber Practice Leader, Neal Jardine commented:
“Hackers used to be more disengaged and used a spray and prey approach with ransomware to extort their victim and commit crimes but now criminals are targeting employees in influential roles within a company to commit more complex attacks leading to higher payouts.”
Assessing cyber risk goes beyond looking at the price tag of a security breach. If a breach happens, the aftershock will permeate the whole business. The risk has to be treated seriously or it will have a ripple effect throughout the company.
Expert Cyber Adjusters can control claim loss costs, gather the facts, focus on the details of insurance coverage and engage the necessary experts to provide the best action plan post cyber event for the insurance client to protect their insured and uninsured assets.
Adjusters with a broad range of cyber experiences can also explain to a client how the insurance policy will respond, what is not covered and what their requirements are under the various privacy laws in Canada.
For more complex cases, Breach Coaches may be needed to help the insured understand the legal compliance requirement when personal information is exposed to threat actors. However, Jardine advises “Breach Coaches can often get pulled into dealing with business interruption, public relations or ransom negotiations.”
“Businesses never think they will be the next victim. It doesn’t matter that you don’t store personal information. It’s not about the data that you store: you are a business that makes money using data and that makes you a target. What people don’t realize is that it’s not the value of the data to the hackers that matters — it’s the value of the data to you. What you would pay to get that data back”, Jardine concluded.
To read more about how cyber criminals access and manipulate computer systems and how you can control costs when cyber-attacks happen, download the Lessons from a Front Line Cyber Adjuster white paper.